CVE-2020-8125

Flaw in input validation in npm package klona version 1.1.0 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using klona.
References
Link Resource
https://hackerone.com/reports/778414 Exploit Patch Third Party Advisory
https://hackerone.com/reports/778414 Exploit Patch Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:klona_project:klona:*:*:*:*:*:node.js:*:*

History

21 Nov 2024, 05:38

Type Values Removed Values Added
References () https://hackerone.com/reports/778414 - Exploit, Patch, Third Party Advisory () https://hackerone.com/reports/778414 - Exploit, Patch, Third Party Advisory

Information

Published : 2020-02-04 20:15

Updated : 2024-11-21 05:38


NVD link : CVE-2020-8125

Mitre link : CVE-2020-8125

CVE.ORG link : CVE-2020-8125


JSON object : View

Products Affected

klona_project

  • klona
CWE
CWE-20

Improper Input Validation