Vulnerability CVE-2021-42581


Published: 2022-05-10

Description:
Prototype poisoning in function mapObjIndexed in Ramda 0.27.0 and earlier allows attackers to compromise integrity or availability of application via supplying a crafted object (that contains an own property "__proto__") as an argument to the function.

 References:
https://github.com/ramda/ramda/pull/3192
https://jsfiddle.net/3pomzw5g/2/

Copyright 2026, cxsecurity.com

 

Back to Top