Security Advisory

CVE-2023-26102

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-02-24 05:00:01

Last updated 2025-03-11 15:52:25

Assigner snyk

State PUBLISHED

Description

All versions of the package rangy are vulnerable to Prototype Pollution when using the extend() function in file rangy-core.js.The function uses recursive merge which can lead an attacker to modify properties of the Object.prototype

← Browse all CVEs View on cve.org ↗