robinweser fast-loops v1.1.3 was discovered to contain a prototype pollution via the function objectMergeDeep
. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
{ "github_reviewed": true, "nvd_published_at": "2024-07-01T13:15:05Z", "github_reviewed_at": "2024-07-10T16:03:48Z", "cwe_ids": [ "CWE-1321" ], "severity": "HIGH" }