Skip to main content

Jsgui Lang Essentials

1 CVEs product

Monthly

CVE-2022-25301 npm CRITICAL POC Act Now

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Jsgui Lang Essentials
NVD GitHub
CVSS 3.1
9.8
EPSS
1.2%
EPSS 1% CVSS 9.8
CRITICAL POC Act Now

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Jsgui Lang Essentials
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy