Binaries for the AsyncBridge library. Visit https://github.com/tejacques/AsyncBridge for an overview and usage examples.

CVE History

CVEAffectedPublishedCVSS v3CVSS v2
< 2.6.4, >= 3.0.0, < 3.2.27.8 HIGH6.8 MEDIUM

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.