@akbr/update Prototype Pollution · CVE-2024-36578 · GitHub Advisory Database · GitHub

@akbr/update Prototype Pollution

Moderate severity GitHub Reviewed Published Jun 17, 2024 to the GitHub Advisory Database • Updated Jun 17, 2024

Package

@akbr/update (npm)

Affected versions

<= 1.0.0

Patched versions

None

Description

akbr update 1.0.0 is vulnerable to Prototype Pollution via update/index.js.

References

Published by the National Vulnerability Database

Jun 17, 2024

Published to the GitHub Advisory Database Jun 17, 2024

Reviewed Jun 17, 2024

Last updated Jun 17, 2024