Severity: moderate

Prototype Pollution

dotty

Overview

A prototype pollution vulnerability in affected versions of 'dotty' allows attackers to cause a denial of service and may lead to remote code execution.

Remediation

Update to version 0.1.1 or later

Resources

Have content suggestions? Visit npmjs.com/support.

Advisory timeline

  1. published

    Advisory Published
    Feb 23rd, 2021
  2. reported

    Reported by Anonymous
    Feb 23rd, 2021