Description
Prototype pollution vulnerability in stealjs steal 2.2.4 via the alias variable in babel.js.
Remediation
References
https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/babel.js#L4216
https://github.com/stealjs/steal/blob/c9dd1eb19ed3f97aeb93cf9dcea5d68ad5d0ced9/ext/babel.js#L4569
https://github.com/stealjs/steal/issues/1534
Related Vulnerabilities
CVE-2020-26302 Vulnerability in maven package org.webjars.bower:is_js
CVE-2022-36098 Vulnerability in maven package org.xwiki.platform:xwiki-platform-mentions-ui
CVE-2013-6397 Vulnerability in maven package org.apache.solr:solr-core
CVE-2023-44487 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2022-31023 Vulnerability in maven package com.typesafe.play:play_2.12