You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Environment (please complete the following information)
multiple-cucumber-html-reporter: 3.8.0
Describe the bug
The datatables.net package is vulnerable to Prototype Pollution. The setData function in jquery.dataTables.js fails to protect prototype attributes when objects are created during the application's execution. A remote attacker can exploit this to modify the behavior of object prototypes which, depending on their use in the application, may result in a Denial of Service (DoS), Remote Code Execution (RCE), or other unexpected execution flow.
Environment (please complete the following information)
Describe the bug
The
datatables.netpackage is vulnerable to Prototype Pollution. ThesetDatafunction injquery.dataTables.jsfails to protect prototype attributes when objects are created during the application's execution. A remote attacker can exploit this to modify the behavior of object prototypes which, depending on their use in the application, may result in a Denial of Service (DoS), Remote Code Execution (RCE), or other unexpected execution flow.Additional context
There is a newer version of
datatables.netthat prevents prototype pollution. Please refer to:DataTables/Dist-DataTables@e2e19ea#diff-e7d8309f017dd2ef6385fa8cdc1539a2R2765
The text was updated successfully, but these errors were encountered: