Versions of the package bun before 1.1.30 are vulnerable to Prototype Pollution due to improper input sanitization. An attacker can exploit this vulnerability through Bun's APIs that accept objects.
{ "github_reviewed_at": "2024-12-18T16:56:06Z", "nvd_published_at": "2024-12-18T06:15:23Z", "github_reviewed": true, "cwe_ids": [ "CWE-1321" ], "severity": "MODERATE" }