2 matches found
CVE-2022-26260
Simple-Plist v1.3.0 was discovered to contain a prototype pollution vulnerability via .parse...
CVE-2022-26260
CVE-2022-26260 affects Simple-Plist v1.3.0. The Red Hat, Veracode, and OSV entries, plus CVE records, confirm a prototype-pollution vulnerability in the library exposed via the .parse() function. Root cause: improper handling during parsing that allows injection of properties into construct proto...