Prototype Pollution in klona

ID GHSA-4R97-78GF-Q24V
Type github
Reporter GitHub Advisory Database
Modified 2020-09-04T17:53:27


Versions of klona prior to 1.1.1 are vulnerable to prototype pollution. The package does not restrict the modification of an Object's prototype when cloning objects, which may allow an attacker to add or modify an existing property that will exist on all objects.


Upgrade to version 1.1.1 or later.