CVE-2020-28462

ion-parser is affected by prototype pollution when an application uses parse to read a crafted INI file. The issue affects all versions of ion-parser and can pollute the application’s Object.prototype, enabling further exploitation depending on context. Public writeups and security feeds (e.g., S...