Prototype Pollution Vulnerability in defaults-deep <=0.2.4 Allows Property Injection onto Object.prototype

Prototype Pollution Vulnerability in defaults-deep <=0.2.4 Allows Property Injection onto Object.prototype

CVE-2018-16486 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype.

Learn more about our User Device Pen Test.