GHSA-4hq8-jgr8-mw9j

Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/07/GHSA-4hq8-jgr8-mw9j/GHSA-4hq8-jgr8-mw9j.json
Aliases
  • CVE-2020-7641
Published
2022-07-18T00:00:33Z
Modified
2022-08-05T15:54:03Z
Details

This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

References

Affected packages

npm / grunt-util-property

grunt-util-property

Affected ranges

Type
SEMVER
Events
Introduced
0

Affected versions

Database specific

{
    "last_known_affected_version_range": "<= 0.0.2"
}