UglifyJS 安全漏洞

UglifyJS is a JavaScript parser, compressor, cruncher and beautification toolkit for mishoo individual developers. A security vulnerability exists in UglifyJS version 3.13.2, which stems from the susceptibility of ast.js' DEFNODE function to prototype contamination...

PT-2022-24020 · Mishoo +1 · Uglify-Js +1

Name of the Vulnerable Software and Affected Versions: mishoo UglifyJS version 3.13.2 Description: The issue is related to a prototype pollution vulnerability in the function DEFNODE in ast.js, specifically via the name variable. This vulnerability is present in mishoo UglifyJS. The vendor has...