PT-2022-11686 · Unknown · Cronvel Tree-Kit
Published
2022-12-25
·
Updated
2024-05-17
·
CVE-2021-4278
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
cronvel tree-kit versions up to 0.6.x
Description
A problematic vulnerability has been found, affecting an unknown part of the software. The issue leads to improperly controlled modification of object prototype attributes, also known as 'prototype pollution'.
Recommendations
For cronvel tree-kit versions up to 0.6.x, upgrade to version 0.7.0 to address this issue.
Fix
Prototype Pollution
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cronvel Tree-Kit