0.001 Low
EPSS
Percentile
48.0%
liquidjs is vulnerable to information disclosure. The vulnerability exists in the readProperty function in context.ts, which will result in leaking properties of a prototype when the ownpropertyonly parameter is set to false.
readProperty
context.ts
ownpropertyonly
github.com/advisories/GHSA-45rm-2893-5f49
github.com/harttle/liquidjs/commit/7e99efc5131e20cf3f59e1fc2c371a15aa4109db
github.com/harttle/liquidjs/commit/7eb621601c2b05d6e379e5ce42219f2b1f556208
github.com/harttle/liquidjs/issues/454
groups.google.com/u/0/a/snyk.io/g/report/c/9ipXecWRtTM/m/IgLadevtCQAJ