In Async before 2.6.4 and 3.x before... CVE-2021-43138

6.8 AV AC AU C I A
发布: 2022-04-06
修订: 2024-06-21

In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有4条受影响产品信息