CVE-2021-32736
Published: 30 June 2021
Summary
CVE-2021-32736 is a high-severity Prototype Pollution (CWE-1321) vulnerability in Thinkjs Think-Helper. Its CVSS base score is 7.5 (High).
Operationally, ranked at the 43.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2021-1494
Vulnerability details
think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does…
more
not properly control modifications of attributes of the object prototype. The vulnerability is patched in version 1.1.3.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.