VDB
KO
CRITICAL 9.8

GHSA-2c29-wc65-4cx9

linux-cmdline is vulnerable to Prototype Pollution via the constructor

Details

The package linux-cmdline is a parser for Linux kernel command line arguments. Versions before 1.0.1 are vulnerable to Prototype Pollution via the constructor.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / linux-cmdline
Introduced in: 0 Fixed in: 1.0.1
Fix npm install linux-cmdline@1.0.1

References