Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

  1. Reconshell
  2. Vulnerabilities (CVE)
Filtered by vendor Algolia Subscribe
Filtered by product Algoliasearch-helper
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-23433 1 Algolia 1 Algoliasearch-helper 2021-11-23 6.8 MEDIUM 9.8 CRITICAL
The package algoliasearch-helper before 3.6.2 are vulnerable to Prototype Pollution due to use of the merge function in src/SearchParameters/index.jsSearchParameters._parseNumbers without any protection against prototype properties. Note that this vulnerability is only exploitable if the implementation allows users to define arbitrary search patterns.