Severity: critical

    Prototype Pollution in locutus

    locutus

    Overview

    Versions of locutus prior to 2.0.12 are vulnerable to Prototype Pollution via the php.strings.parse_str function.

    Remediation

    Upgrade to version 2.0.12 or later

    Resources

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      May 6th, 2021
    2. reported

      Reported by Anonymous
      May 6th, 2021