protobufjs is vulnerable to prototype pollution. An attacker is able to add/modify properties of the Object.prototype by parsing/loading .proto files or via providing untrusted user input to util.setProperty
or to ReflectionObject.setParsedOption
functions, resulting in prototype pollution.
CPE | Name | Operator | Version |
---|---|---|---|
protobufjs | le | 6.11.2 | |
protobufjs | le | 6.11.2 | |
protobufjs | le | 6.10.2 | |
protobufjs | le | 6.11.2 | |
protobufjs | le | 6.11.2 | |
protobufjs | le | 6.10.2 |