Vulnerabilities > CVE-2022-25296 - Unspecified vulnerability in Bodymen Project Bodymen

047910
CVSS 7.3 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
LOW
network
low complexity
bodymen-project
NVD
Published: 2022-03-17
Updated: 2022-03-24

Summary

The package bodymen from 0.0.0 are vulnerable to Prototype Pollution via the handler function which could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. **Note:** This vulnerability derives from an incomplete fix to [CVE-2019-10792](https://security.snyk.io/vuln/SNYK-JS-BODYMEN-548897)

Vulnerable Configurations

Part Description Count
Application
Bodymen_Project
5

References