CVE-2022-21824: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

February 24, 2022 (updated November 10, 2022)

This advisory has been marked as a false positive.

References

hackerone.com/reports/1431042
nodejs.org/en/blog/vulnerability/jan-2022-security-releases/
nvd.nist.gov/vuln/detail/CVE-2022-21824
security.netapp.com/advisory/ntap-20220325-0007/
security.netapp.com/advisory/ntap-20220729-0004/
www.debian.org/security/2022/dsa-5170
www.oracle.com/security-alerts/cpuapr2022.html
www.oracle.com/security-alerts/cpujul2022.html

Code Behaviors & Features

Detect and mitigate CVE-2022-21824 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →