Pricing Enterprise

CVE-2022-37602

9.8CRITICAL

Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.

Published: 10/14/2022Updated: 5/15/2025

View on NVD View on MITRE

Description

Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.

AI AnalysisPowered by AI

Affected Products

grunt-karma_projectgrunt-karma

4.0.1

References

https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L109
ExploitThird Party Advisory
https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L26
ExploitThird Party Advisory
https://github.com/karma-runner/grunt-karma/issues/311
Issue TrackingThird Party Advisory
https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L109
ExploitThird Party Advisory
https://github.com/karma-runner/grunt-karma/blob/45b925964f55870f375c6e670d9945b223c984f5/tasks/grunt-karma.js#L26
ExploitThird Party Advisory
https://github.com/karma-runner/grunt-karma/issues/311
Issue TrackingThird Party Advisory