High severity8.8NVD Advisory· Published Apr 23, 2021· Updated Jun 17, 2026
CVE-2021-20089
CVE-2021-20089
Description
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in purl 2.3.2 allows a malicious user to inject properties into Object.prototype.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- purl/purldescription
Patches
Vulnerability mechanics
References
1- github.com/BlackFan/client-side-prototype-pollution/blob/master/pp/purl.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.