Releases93
Frequency1 month 3 weeks
Last Release
Higher-order functions and common patterns for asynchronous code

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 2.6.4, >= 3.0.0, < 3.2.27.8 HIGH6.8 MEDIUM

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.