Prototype pollution vulnerability in dot-prop npm package versions prior to 4.2.1 and versions 5.x prior to 5.1.1 allows an malicious user to add arbitrary properties to JavaScript language constructs such as objects.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dot-prop project dot-prop |