CVE-2019-10792
on github
Published
Severity
CVSS v3:
6.3 MEDIUM
CVSS v2:
6.5 MEDIUM
Description
bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
References
Configurations
CPE23 | Version Start | Version End | Exact Version |
---|---|---|---|
cpe:2.3:a:bodymen_project:bodymen:*:*:*:*:*:node.js:*:* | n/a | 1.1.1 | * |