VYPR

node-ini-parser

by rawiroaisen

CVEs (1)

  • CVE-2020-7617Apr 2, 2020
    risk 0.00cvss epss 0.01

    ini-parser through 0.0.2 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of Object.prototype using a '__proto__' payload.