CVE-2021-25953

Summary

Prototype pollution vulnerability in 'putil-merge' versions1.0.0 through 3.6.6 allows attacker to cause a denial of service and may lead to remote code execution.

Affected Software

VendorProductVersion RangeStatus
n/aputil-merge3.6.6, 3.6.5, 3.6.4, 3.6.3, 3.6.2, 3.6.1, 3.6.0, 3.5.2, 3.5.1, 3.5.0, 3.4.2, 3.4.1, 3.3.0, 3.2.0, 3.1.4, 3.1.3, 3.1.2, 3.1.1, 3.1.0, 3.0.0, 2.2.0, 2.1.0, 2.0.2, 2.0.1, 2.0.0, 1.2.0, 1.1.5, 1.1.4, 1.1.3, 1.1.2, 1.1.1, 1.1.0, 1.0.2, 1.0.1, 1.0.0affected

Weaknesses

  • Prototype Pollution

ADP Enrichment

CVE Program Container

Additional References

References