Description
Prototype pollution vulnerability in 'dotty' versions 0.0.1 through 0.1.0 allows attackers to cause a denial of service and may lead to remote code execution.
Remediation
References
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25912
https://github.com/deoxxa/dotty/commit/cd997d37917186c131be71501a698803f2b7ebdb