Environment (please complete the following information)
multiple-cucumber-html-reporter: 3.8.0
Describe the bug
The datatables.net package is vulnerable to Prototype Pollution. The setData function in jquery.dataTables.js fails to protect prototype attributes when objects are created during the application's execution. A remote attacker can exploit this to modify the behavior of object prototypes which, depending on their use in the application, may result in a Denial of Service (DoS), Remote Code Execution (RCE), or other unexpected execution flow.
Environment (please complete the following information)
Describe the bug
The
datatables.netpackage is vulnerable to Prototype Pollution. ThesetDatafunction injquery.dataTables.jsfails to protect prototype attributes when objects are created during the application's execution. A remote attacker can exploit this to modify the behavior of object prototypes which, depending on their use in the application, may result in a Denial of Service (DoS), Remote Code Execution (RCE), or other unexpected execution flow.Additional context
There is a newer version of
datatables.netthat prevents prototype pollution. Please refer to: https://github.com/DataTables/Dist-DataTables/commit/e2e19eac7e5a6f140d7eefca5c7deba165b357eb#diff-e7d8309f017dd2ef6385fa8cdc1539a2R2765