Description

pathval before version 1.1.1 is vulnerable to prototype pollution.

Remediation

References

https://snyk.io/vuln/SNYK-JS-PATHVAL-596926

https://github.com/chaijs/pathval/pull/58/files

Related Vulnerabilities

CVE-2023-49093 Vulnerability in maven package org.htmlunit:htmlunit

CVE-2021-21479 Vulnerability in maven package com.sap.scimono:scimono-server

CVE-2020-35149 Vulnerability in maven package org.webjars.npm:mquery

CVE-2022-36437 Vulnerability in maven package com.hazelcast:hazelcast

CVE-2021-23760 Vulnerability in npm package keyget

Severity

High

Classification

CWE-1321 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Patch Third Party Advisory