Title: CVE-2022-37257 | stealjs 2.2.4 npm-convert.js convertLater requestedVersion prototype pollution (ID 1526)
Description: A vulnerability has been found in stealjs 2.2.4 and classified as critical. This vulnerability affects the function convertLater of the file npm-convert.js. The manipulation of the argument requestedVersion leads to improperly controlled modification of object prototype attributes ('prototype pollution').
Link:
https://vuldb.com/?id.208696
Thu, 15 Sep 2022 22:07:02 +0200
--- The information is for informational purposes only.
* Origin: Read us with
http://winpoint.org/ (2:467/888.88)