2 matches found
CVE-2021-23328
This affects all versions of package iniparserjs. This vulnerability relates when iniparser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program...
CVE-2021-23328
CVE-2021-23328 affects iniparserjs. The connected documents describe a Prototype Pollution vulnerability arising when ini_parser.js concentrates arrays, allowing an attacker to overwrite/pollute the Object.prototype based on user input. This affects all versions of the package per the CVE entry, ...