CVE-2023-6293: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

November 24, 2023 (updated November 30, 2023)

Prototype Pollution in GitHub repository robinbuschmann/sequelize-typescript prior to 2.1.6.

References

github.com/robinbuschmann/sequelize-typescript/commit/5ce8afdd1671b08c774ce106b000605ba8fccf78
huntr.com/bounties/36a7ecbf-4d3d-462e-86a3-cda7b1ec64e2
nvd.nist.gov/vuln/detail/CVE-2023-6293

Code Behaviors & Features

Detect and mitigate CVE-2023-6293 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →