Vulnerability identifier: #VU76520
Vulnerability risk: Critical
Exploitation vector: Network
Exploit availability: No
Other software / Other software solutions
The vulnerability allows a remote attacker to execute arbitrary code on the system.
The vulnerability exists due to prototype pollution in the mockery.js script. A remote attacker can pass specially crafted input to the application to execute arbitrary code on the system.
Cybersecurity Help is currently unaware of any official solution to address this vulnerability..
Vulnerable software versions
mockery: All versions
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?