漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
js-toml is vulnerable to Prototype Pollution
Vulnerability Description
js-toml is a TOML parser for JavaScript, fully compliant with the TOML 1.0.0 Spec. In versions below 1.0.2, a prototype pollution vulnerability in js-toml allows a remote attacker to add or modify properties of the global Object.prototype by parsing a maliciously crafted TOML input. This is fixed in version 1.0.2.
CVSS Information
N/A
Vulnerability Type
CWE-1321
Vulnerability Title
js-toml 安全漏洞
Vulnerability Description
js-toml是Sunny个人开发者的一个用于JavaScript的TOML解析器。 js-toml 1.0.2之前版本存在安全漏洞,该漏洞源于原型污染漏洞,可能导致全局Object.prototype属性被修改。
CVSS Information
N/A
Vulnerability Type
N/A