CVE-2022-25871

Summary

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of CVE-2020-7600.

Affected Software

VendorProductVersion RangeStatus
n/aquerymen0 < unspecifiedaffected

Weaknesses

  • Prototype Pollution

ADP Enrichment

CVE Program Container

Additional References

References