CVE-2021-23328

Summary

This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.

Affected Software

VendorProductVersion RangeStatus
n/ainiparserjs0 < unspecifiedaffected

Weaknesses

  • Prototype Pollution

ADP Enrichment

CVE Program Container

Additional References

References