{"source":1093224,"name":"ini","dependency":"ini","title":"ini before 1.3.6 vulnerable to Prototype Pollution via ini.parse","url":"https://github.com/advisories/GHSA-qqgx-2p2h-9c37","severity":"high","versions":["1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.1.0","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.3.4","1.3.5","1.3.6","1.3.7","1.3.8","2.0.0","3.0.0","3.0.1","4.0.0","4.1.0","4.1.1","4.1.2","4.1.3","5.0.0"],"vulnerableVersions":["1.0.0","1.0.1","1.0.2","1.0.3","1.0.4","1.0.5","1.1.0","1.2.0","1.2.1","1.3.0","1.3.1","1.3.2","1.3.3","1.3.4","1.3.5"],"cwe":["CWE-1321"],"cvss":{"score":7.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"},"range":"<1.3.6","id":"wRMI5JN93cobcDhqRjCWfqICm6gbfYHnR/8FcW53WEyqxVyyQW2jccwR335pszpq/1xeEiAr1MAQVbZiEyy8/g=="}