Affecting mpath package, versions <0.5.1
Affected versions of this package are vulnerable to Prototype Pollution. An attacker could specify a path that include the prototype object, and thus overwrite important properties on Object.prototype or add new ones.
Upgrade mpath to version 0.5.1 or higher.
Do your applications use this vulnerable package?
- Cristian-Alexandru Staicu
- Snyk ID
- 11 Dec, 2018
- 12 Dec, 2018