CVE-2022-37601
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Prototype pollution vulnerability in function parseQuery in parseQuery.js in webpack loader-utils via the name variable in parseQuery.js. This affects all versions prior to 1.4.1 and 2.0.3.
| Vendor | n/a |
| Product | n/a |
| Published | Oct 12, 2022 |
| Last Updated | Oct 28, 2024 |
Stay Ahead of the Next One
Get instant alerts for n/a n/a
Be the first to know when new unknown vulnerabilities affecting n/a n/a are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
n/a / n/a
n/a
References
github.com: https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L11 github.com: https://github.com/webpack/loader-utils/blob/d9f4e23cf411d8556f8bac2d3bf05a6e0103b568/lib/parseQuery.js#L47 github.com: https://github.com/webpack/loader-utils/issues/212 github.com: https://github.com/webpack/loader-utils/issues/212#issuecomment-1319192884 dl.acm.org: https://dl.acm.org/doi/abs/10.1145/3488932.3497769 dl.acm.org: https://dl.acm.org/doi/pdf/10.1145/3488932.3497769 users.encs.concordia.ca: http://users.encs.concordia.ca/~mmannan/publications/JS-vulnerability-aisaccs2022.pdf github.com: https://github.com/xmldom/xmldom/issues/436#issuecomment-1319412826 lists.debian.org: https://lists.debian.org/debian-lts-announce/2022/12/msg00044.html