CVE-2022-1295: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

April 12, 2022 (updated April 22, 2022)

Prototype Pollution in GitHub repository alvarotrigo/fullpage.js prior to 4.0.2.

References

github.com/advisories/GHSA-vpgw-ffh3-648h
github.com/alvarotrigo/fullpage.js/commit/bf62492a22e5d296e63c3ed918a42fc5645a0d48
huntr.dev/bounties/3b9d450c-24ac-4037-b04d-4d4dafbf593a
nvd.nist.gov/vuln/detail/CVE-2022-1295

Code Behaviors & Features

Detect and mitigate CVE-2022-1295 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →