Releases9
Frequency3 weeks 6 days
Last Release
Stars1
Light-weight approximate implementation of ES7's async-await.

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 2.6.4, >= 3.0.0, < 3.2.27.8 HIGH6.8 MEDIUM

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.