Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.
References
Link | Resource |
---|---|
https://hackerone.com/reports/778414 | Exploit Patch Third Party Advisory |
https://hackerone.com/reports/778414 | Exploit Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 05:38
Type | Values Removed | Values Added |
---|---|---|
References | () https://hackerone.com/reports/778414 - Exploit, Patch, Third Party Advisory |
Information
Published : 2020-02-04 20:15
Updated : 2024-11-21 05:38
NVD link : CVE-2020-8125
Mitre link : CVE-2020-8125
CVE.ORG link : CVE-2020-8125
JSON object : View
Products Affected
klona_project
- klona
CWE
CWE-20
Improper Input Validation