Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:39475
HistoryMar 01, 2023 - 9:54 a.m.

Prototype Pollution

2023-03-0109:54:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
prototype pollution
rangy
vulnerability
recursive merge
object properties

EPSS

0.001

Percentile

33.6%

rangy is vulnerable to Prototype Pollution. The vulnerability exists in the extend function of rangy-core.js, due to the usage of a recursive merge which allows an attacker to modify Object.prototype properties, resulting in Prototype Pollution.

EPSS

0.001

Percentile

33.6%

Related for VERACODE:39475