| ID | CVE-2021-28860 | ||||||
| Sažetak | In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions. The polluted attribute will be directly assigned to every object in the program. This will put the availability of the program at risk causing a potential denial of service (DoS). | ||||||
| Reference |
|
||||||
| CVSS |
|
||||||
| Pristup |
|
||||||
| Impact |
|
||||||
| CVSS vektor | AV:N/AC:L/Au:N/C:N/I:P/A:P | ||||||
| Zadnje važnije ažuriranje | 05-07-2026 - 00:17 | ||||||
| Objavljeno | 03-05-2021 - 12:15 |

