Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
higuma web-audio-recorder-js Dynamic Config Handling WebAudioRecorder.js extend prototype pollution
Vulnerability Description
A vulnerability was identified in higuma web-audio-recorder-js 0.1/0.1.1. Impacted is the function extend in the library lib/WebAudioRecorder.js of the component Dynamic Config Handling. Such manipulation leads to improperly controlled modification of object prototype attributes. It is possible to launch the attack remotely. Attacks of this nature are highly complex. The exploitability is considered difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
CWE-1321
Vulnerability Title
WebAudioRecorder.js 安全漏洞
Vulnerability Description
WebAudioRecorder.js是Yuji Miyane个人开发者的一个JavaScript库。 WebAudioRecorder.js 0.1版本和0.1.1版本存在安全漏洞,该漏洞源于对组件Dynamic Config Handling中库lib/WebAudioRecorder.js的函数extend的错误操作,可能导致对象原型属性修改不当。
CVSS Information
N/A
Vulnerability Type
N/A