Vulnerability Description
Affected versions of this package are vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
Steps To Reproduce:
var a = require("fun-map");
a.assocInM({},["__proto__","toString"],"JHU");
console.log({}.toString);Bug Bounty
We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/
Vulnerability Description
Affected versions of this package are vulnerable to Prototype Pollution. The function
assocInMcould be tricked into adding or modifying properties ofObject.prototypeusing a__proto__payload.Steps To Reproduce:
Bug Bounty
We have opened up a bounty for this issue on our bug bounty platform. Want to solve this vulnerability and get rewarded 💰? Go to https://huntr.dev/