Debian Node-Kind-Of vulnerabilities

1 known vulnerability affecting debian/node-kind-of.

Total CVEs
1
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1

Vulnerabilities

Page 1 of 1
CVE-2019-20149HIGHCVSS 7.5fixed in node-kind-of 6.0.3+dfsg-1 (bookworm)2019
CVE-2019-20149 [HIGH] CVE-2019-20149: node-kind-of - ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite c... ctorName in index.js in kind-of v6.0.2 allows external user input to overwrite certain internal attributes via a conflicting name, as demonstrated by 'constructor': {'name':'Symbol'}. Hence, a crafted payload can overwrite this builtin attribute to manipulate the type detection result. Scope: local bookworm: resolved (fixed in 6.0.3+dfsg-1) bullseye: resolved (
debian