Filtered by vendor Async Project Subscriptions
Filtered by product Async Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2021-43138 3 Async Project, Fedoraproject, Redhat 4 Async, Fedora, Rhmt and 1 more 2024-08-04 7.8 High
In Async before 2.6.4 and 3.x before 3.2.2, a malicious user can obtain privileges via the mapValues() method, aka lib/internal/iterator.js createObjectIterator prototype pollution.