{"source":1113148,"name":"@casl/ability","dependency":"@casl/ability","title":"CASL Ability is Vulnerable to Prototype Pollution","url":"https://github.com/advisories/GHSA-x9vf-53q3-cvx6","severity":"critical","versions":["2.0.0-alpha.1","2.0.0-alpha.2","2.0.0-alpha.ade5be4a","2.0.1","2.0.2","2.0.3","2.1.0","2.2.0","2.3.0","2.4.0","2.4.1","2.4.2","2.5.0","2.5.1","3.0.0","3.0.1","3.0.2","3.1.0","3.1.1","3.1.2","3.2.0","3.3.0","3.4.0","4.0.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.7","4.0.8","4.1.0","4.1.1","4.1.2","4.1.3","4.1.4","4.1.5","4.1.6","5.0.0","5.0.1-next.1","5.1.0-next.1","5.1.0-next.2","5.1.0-next.3","5.1.0-next.4","5.1.0-next.5","5.1.0-next.6","5.1.0-next.7","5.1.0-next.8","5.1.0-next.9","5.1.0-next.10","5.1.0-next.11","5.1.0-next.12","5.1.0-next.13","5.1.0-next.14","5.1.0-next.15","5.1.0","5.1.1","5.1.2","5.2.0","5.2.1","5.2.2","5.3.0","5.3.1","5.4.0","5.4.1","5.4.2","5.4.3","5.4.4","6.0.0","6.1.0","6.1.1","6.1.2","6.2.0","6.3.0","6.3.1","6.3.2","6.3.3","6.3.4","6.4.0","6.5.0","6.6.0","6.7.0","6.7.1","6.7.2","6.7.3","6.7.5","6.8.0","6.8.1"],"vulnerableVersions":["2.4.0","2.4.1","2.4.2","2.5.0","2.5.1","3.0.0","3.0.1","3.0.2","3.1.0","3.1.1","3.1.2","3.2.0","3.3.0","3.4.0","4.0.0","4.0.1","4.0.2","4.0.3","4.0.4","4.0.5","4.0.6","4.0.7","4.0.8","4.1.0","4.1.1","4.1.2","4.1.3","4.1.4","4.1.5","4.1.6","5.0.0","5.0.1-next.1","5.1.0-next.1","5.1.0-next.2","5.1.0-next.3","5.1.0-next.4","5.1.0-next.5","5.1.0-next.6","5.1.0-next.7","5.1.0-next.8","5.1.0-next.9","5.1.0-next.10","5.1.0-next.11","5.1.0-next.12","5.1.0-next.13","5.1.0-next.14","5.1.0-next.15","5.1.0","5.1.1","5.1.2","5.2.0","5.2.1","5.2.2","5.3.0","5.3.1","5.4.0","5.4.1","5.4.2","5.4.3","5.4.4","6.0.0","6.1.0","6.1.1","6.1.2","6.2.0","6.3.0","6.3.1","6.3.2","6.3.3","6.3.4","6.4.0","6.5.0","6.6.0","6.7.0","6.7.1","6.7.2","6.7.3"],"cwe":["CWE-1321"],"cvss":{"score":9.8,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},"range":">=2.4.0 <=6.7.4","id":"qwo63AXNg23jaMvO+bzkFU5RZjvjbkSiHb64uqUAVrjBsSEQVuh0Ljp8OAGdT6YCjhKCOUJYUFnhFYXEWz0QNQ=="}