CVE-2021-23558

Published January 28th, 2022

View on NVD ↗

CVSS v3

7.3

HIGH

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This vulnerability derives from an incomplete fix in [CVE-2020-7736](https://security.snyk.io/vuln/SNYK-JS-BMOOR-598664)

b-heilman/bmoor

Javascript system for bootstrapping, autoloading, and defining functionality

GitHub