CVE-2022-37614/Prototype pollution found in mockery.js

Question

CVE-2022-37614/Prototype pollution found in mockery.js

secdevlpr26 opened this issue 2 years ago · 3 comments

Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f056 via the key variable in mockery.js.

The prototype pollution vulnerability can be mitigated with several best practices described here: https://learn.snyk.io/lessons/prototype-pollution/javascript/

Answer 1 · 2023-08-01T14:49:07.000Z

If there is a patch for this, please advise. Thanks 👍🏻

Answer 2 · 2023-10-11T12:46:45.000Z

Hi @wesleyscholl this security vulnerability has been fixed some time ago, as this is making other dependant libraries to detect the vulnerability, when do you think that this will be integrated and the patch released on mockery?
Thank you in advance.

Answer 3 · 2024-04-24T08:39:17.000Z

It would be very nice if this one could be fixed. Any progress or any help needed? Thanks