0.001 Low
EPSS
Percentile
51.0%
whois is vulnerable to prototype pollution. The vulnerability exists in the lookup function of index.js via the addr variable which allows an attacker to modify object prototype attributes, resulting in prototype pollution.
lookup
index.js
addr
github.com/advisories/GHSA-97jv-c342-5xhc
github.com/FurqanSoftware/node-whois/commit/46ccc2aee8d063c7b6b4dee2c2834113b7286076
github.com/FurqanSoftware/node-whois/pull/105
vuldb.com/?id.216252