nathan7/fun-map

Releases11

Frequency6 days 20 hours

Last Release about 12 years ago

Stars1

a few functional utilities for pretending that JS objects are Clojure string maps.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-7644 ↗	Apr 28, 2020Tuesday, 28 April 2020, 19:15	8.1 HIGH	6.8 MEDIUM
fun-map through 3.3.1 is vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.