Vulnerabilities > CVE-2022-25301 - Unspecified vulnerability in Jsgui-Lang-Essentials Project Jsgui-Lang-Essentials

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

jsgui-lang-essentials-project

NVD

Published: 2022-05-01

Updated: 2022-05-11

Summary

All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.

Vulnerable Configurations

Part	Description	Count
Application	Jsgui-Lang-Essentials_Project Jsgui Lang Essentials Project Jsgui Lang Essentials *	1

References

https://github.com/metabench/jsgui-lang-essentials/issues/1
https://snyk.io/vuln/SNYK-JS-JSGUILANGESSENTIALS-2316897