Lucene search

GitHub Advisory DatabaseGHSA-QJ86-V6M7-4QV2

HistoryJun 17, 2024 - 6:31 p.m.

Object Resolver Prototype Pollution

2024-06-1718:31:33

CWE-1321

GitHub Advisory Database

github.com

vulnerability

prototype pollution

apphp

js-object-resolver

module.setnestedproperty

software

6.7 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

apphp js-object-resolver < 3.1.1 is vulnerable to Prototype Pollution via Module.setNestedProperty.

Affected configurations

Vulners

Node

apphpapphp_calendarRange<3.1.1

CPENameOperatorVersion
@apphp/object-resolverlt3.1.1

CPE	Name	Operator	Version
	@apphp/object-resolver	lt	3.1.1

gist.github.com/mestrtee/c90189f3d8480a5f267395ec40701373

github.com/advisories/GHSA-qj86-v6m7-4qv2

github.com/apphp/js-object-resolver/commit/7e347a26bf04d6a4f7525f6605666afbb218afca

nvd.nist.gov/vuln/detail/CVE-2024-36577