MidnightBSD

Advisories for open-graph_project

CVE-2021-23419 MEDIUM

This affects the package open-graph before 0.2.6. The function parse could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor payload.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-1321,

Products Affected

Vendor Product Version
open-graph_project open-graph *