Severity: low

    Validation Bypass

    kind-of

    Overview

    Versions of kind-of 6.x prior to 6.0.3 are vulnerable to a Validation Bypass. A maliciously crafted object can alter the result of the type check, allowing attackers to bypass the type checking validation.

    Remediation

    Upgrade to versions 6.0.3 or later.

    Resources

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Mar 9th, 2020
    2. reported

      Reported by Feng Xiao
      Mar 6th, 2020