Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
js-toml is vulnerable to Prototype Pollution
Vulnerability Description
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2.
CVSS Information
N/A
Vulnerability Type
CWE-1321
Vulnerability Title
js-toml 安全漏洞
Vulnerability Description
js-toml是Sunny个人开发者的一个用于JavaScript的TOML解析器。 js-toml 1.0.2之前版本存在安全漏洞,该漏洞源于原型污染漏洞,可能导致全局Object.prototype属性被修改。
CVSS Information
N/A
Vulnerability Type
N/A