Description
A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.
Remediation
References
https://hackerone.com/reports/390860
Related Vulnerabilities
CVE-2020-7613 Vulnerability in npm package clamscan
CVE-2021-46063 Vulnerability in maven package net.mingsoft:ms-mcms
CVE-2019-1003000 Vulnerability in maven package org.jenkins-ci.plugins:script-security
CVE-2021-23358 Vulnerability in npm package underscore
CVE-2023-37954 Vulnerability in maven package com.sonyericsson.hudson.plugins.rebuild:rebuild