High severity7.3NVD Advisory· Published Jan 28, 2022· Updated Jun 17, 2026
CVE-2021-23558
CVE-2021-23558
Description
The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. Note: This vulnerability derives from an incomplete fix in CVE-2020-7736
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
bmoornpm | < 0.10.1 | 0.10.1 |
Affected products
2- bmoor/bmoordescription
Patches
Vulnerability mechanics
References
7- github.com/b-heilman/bmoor/commit/29b0162cc1dc1791fc060891f568b0ae29bc542bnvdPatchThird Party AdvisoryWEB
- snyk.io/vuln/SNYK-JS-BMOOR-2342622nvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-4m8h-h59m-m34jghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2021-23558ghsaADVISORY
- snyk.io/blog/remediate-javascript-type-confusion-bypassed-input-validation/nvdThird Party Advisory
- security.snyk.io/vuln/SNYK-JS-BMOOR-598664ghsaWEB
- snyk.io/blog/remediate-javascript-type-confusion-bypassed-input-validationghsaWEB
News mentions
0No linked articles in our index yet.