Description
All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of [CVE-2020-7600](https://security.snyk.io/vuln/SNYK-JS-QUERYMEN-559867).
Remediation
References
https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488
Related Vulnerabilities
CVE-2017-16100 Vulnerability in npm package dns-sync
CVE-2020-13110 Vulnerability in npm package kerberos
CVE-2023-27563 Vulnerability in npm package n8n
CVE-2020-7616 Vulnerability in npm package express-mock-middleware
CVE-2021-33611 Vulnerability in maven package org.webjars.bowergithub.vaadin:vaadin-menu-bar