PT-2021-16872 · Unknown · Nconf-Toml
Published
2021-05-25
·
Updated
2023-08-08
·
CVE-2021-25946
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
nconf-toml versions 0.0.1 through 0.0.2
Description
The issue allows an attacker to cause a denial of service and may lead to remote code execution due to a prototype pollution vulnerability.
Recommendations
For versions 0.0.1 through 0.0.2, update to a version that fixes the prototype pollution issue to prevent potential denial of service and remote code execution attacks.
Exploit
Fix
Prototype Pollution
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Nconf-Toml