robinweser fast-loops v1.1.3 was discovered to contain a...
Unreviewed
Published
Jul 1, 2024
to the GitHub Advisory Database
•
Updated Jul 1, 2024
Description
Published by the National Vulnerability Database
Jul 1, 2024
Published to the GitHub Advisory Database
Jul 1, 2024
Last updated
Jul 1, 2024
robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
References