In Async before 2.6.4 and 3.x before... CVE-2021-43138

6.8 AV AC AU C I A
发布: 2022-04-06
修订: 2024-11-21

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.

0%
暂无可用Exp或PoC
当前有4条受影响产品信息