Description
This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.
Remediation
References
https://www.npmjs.com/package/iniparserjs
https://snyk.io/vuln/SNYK-JS-INIPARSERJS-1065989
Related Vulnerabilities
CVE-2023-45884 Vulnerability in npm package openmct
CVE-2019-5442 Vulnerability in maven package ro.pippo:pippo-jaxb
CVE-2019-19771 Vulnerability in npm package ripedm160
CVE-2019-16777 Vulnerability in maven package org.webjars.npm:npm
CVE-2017-18353 Vulnerability in npm package rendertron-middleware