How severe is CVE-2021-25916?

CVE-2021-25916 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2021-25916

Name: patchmerge
Author: patchmerge_project

9.8CRITICAL

Prototype pollution vulnerability in 'patchmerge' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

公開日: 3/16/2021更新日: 4/30/2025

説明

Prototype pollution vulnerability in 'patchmerge' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.

AI分析AIによる分析

影響を受ける製品

patchmerge_projectpatchmerge

参照

https://github.com/pjshumphreys/patchmerge/commit/5b383c537eae7a00ebd26d3f7211dac99ddecb12
ExploitPatchThird Party Advisory
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25916
ExploitThird Party Advisory
https://github.com/pjshumphreys/patchmerge/commit/5b383c537eae7a00ebd26d3f7211dac99ddecb12
ExploitPatchThird Party Advisory
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25916
ExploitThird Party Advisory