think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype. The vulnerability is patched in version 1.1.3.
References
Link | Resource |
---|---|
https://github.com/thinkjs/think-helper/security/advisories/GHSA-vr5m-3h59-7jcp | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: GitHub_M
Published: 2021-06-30T17:25:09
Updated: 2021-06-30T17:25:09
Reserved: 2021-05-12T00:00:00
Link: CVE-2021-32736
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-06-30T18:15:08.587
Modified: 2022-07-22T10:50:50.127
Link: CVE-2021-32736
JSON object: View
Redhat Information
No data.
CWE