Vulnerability Database
Blog
FAQ
Docs
GHSA-p2fh-2h23-6grg
Source
https://github.com/advisories/GHSA-p2fh-2h23-6grg
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/05/GHSA-p2fh-2h23-6grg/GHSA-p2fh-2h23-6grg.json
Aliases
CVE-2023-2972
Published
2023-05-30T12:30:17Z
Modified
2023-11-08T04:12:21.184330Z
Details
Prototype Pollution in GitHub repository antfu/utils prior to 0.7.3.
References
https://nvd.nist.gov/vuln/detail/CVE-2023-2972
https://github.com/antfu/utils/commit/7f8b16c6181c988bdb96613fbb2533b345f68682
https://github.com/antfu/utils
https://huntr.dev/bounties/009f1cd9-401c-49a7-bd08-be35cff6faef
Affected packages
npm
/
@antfu/utils
Package
Name
@antfu/utils
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Fixed
0.7.3
GHSA-p2fh-2h23-6grg - OSV