Description
Prototype pollution vulnerability via .parse() in Plist before v3.0.4 allows attackers to cause a Denial of Service (DoS) and may lead to remote code execution.
Remediation
References
https://github.com/TooTallNate/plist.js/issues/114
Related Vulnerabilities
CVE-2021-21353 Vulnerability in maven package org.webjars.npm:pug
CVE-2022-42004 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2023-40167 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2019-0194 Vulnerability in maven package org.apache.camel:camel-core
CVE-2013-6397 Vulnerability in maven package org.apache.solr:solr-velocity