Prototype Pollution Vulnerability in mpath Module by Unknown Vendor
CVE-2018-16490

7.5HIGH

Key Information:

Vendor: Hackerone
Status: Mpath
Vendor: CVE Published:; 1 February 2019

What is CVE-2018-16490?

The mpath module has a prototype pollution vulnerability that could allow an attacker to manipulate Object.prototype by injecting arbitrary properties. This could lead to unpredictable behavior in applications that utilize this module, making it crucial for developers to apply the latest updates and harden their systems against such attacks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

mpath <0.5.1

References

https://hackerone.com/reports/390860

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Feb 1, 2019
Vulnerability Reserved
Sep 4, 2018

JSON

Hackerone

What is CVE-2018-16490?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.