Title: CVE-2022-37258 | stealjs 2.2.4 npm-convert.js convertLater packageName prototype pollution (ID 1527)
Description: A vulnerability, which was classified as critical, was found in stealjs 2.2.4. This affects the function convertLater of the file npm-convert.js. The manipulation of the argument packageName leads to improperly controlled modification of object prototype attributes ('prototype pollution').
Link:
https://vuldb.com/?id.208983
Sat, 17 Sep 2022 11:04:31 +0200
--- The information is for informational purposes only.
* Origin: Read us with
http://winpoint.org/ (2:467/888.88)