Description
Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.
Remediation
References
https://hackerone.com/reports/778414
Related Vulnerabilities
CVE-2023-47320 Vulnerability in maven package org.silverpeas.core:silverpeas-core-web
CVE-2020-28464 Vulnerability in npm package djv
CVE-2020-7726 Vulnerability in npm package safe-object2
CVE-2021-39184 Vulnerability in npm package electron
CVE-2021-29486 Vulnerability in npm package cumulative-distribution-function