EPSS
Percentile
79.8%
nconf-toml is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
http:
github.com/RobLoach/nconf-toml/blob/8ade08cd1cfb9691ab7cc5c3514cc05c5085918f/index.js#L8
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25946