Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
fast-redact is a package that provides do very fast object redaction. A Prototype Pollution vulnerability in the nestedRestore function of fast-redact version 3.5.0 and before allows attackers to inject properties on Object.prototype via supplying a crafted payload, causing denial of service (DoS) as the minimum consequence. NOTE: the Supplier disputes this because the reporter only demonstrated access to properties by an internal utility function, and there is no means for achieving prototype pollution via the public API.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
fast-redact 安全漏洞
Vulnerability Description
fast-redact是David Mark Clements个人开发者的一个对象编辑库。 fast-redact 3.5.0及之前版本存在安全漏洞,该漏洞源于nestedRestore函数存在原型污染,可能导致拒绝服务攻击。
CVSS Information
N/A
Vulnerability Type
N/A