2 matches found
CVE-2021-25915
Prototype pollution vulnerability in 'changeset' versions 0.0.1 through 0.2.5 allows an attacker to cause a denial of service and may lead to remote code execution...
CVE-2021-25915
CVE-2021-25915 affects the npm package changeset (versions 0.0.1–0.2.5). The root cause is a prototype-pollution flaw in the apply() function that allows unvalidated changes to pollute Object prototypes, enabling Denial of Service and potentially Remote Code Execution. Public advisories (GitHub G...