@allanlancioni/flatten-json is vulnerable to Prototype Pollution. The vulnerability is due to the unflattenJSON
method, allowing attackers to exploit properties such as __proto__
or constructor.prototype
to inject malicious payloads.
CPE | Name | Operator | Version |
---|---|---|---|
@allanlancioni/flatten-json | le | 1.0.1 | |
@allanlancioni/flatten-json | le | 1.0.1 |