CNNVD-202602-1618 Information

CNNVD ID

CNNVD-202602-1618

Related CVE

CVE-2026-1774

• CNNVD Published: 2026-02-10

Description (Chinese)

CASL是Serhii Stotskyi个人开发者的一个JavaScript库。 CASL 2.4.0版本至6.7.4版本存在安全漏洞，该漏洞源于原型污染，可能会导致逻辑错误或其他攻击。

Description (English)

CASL is a JavaScript library of Serhii Stotskyi personal developers. There is a security loophole in CASL versions 2.4.0 to 6.7.4 which originates from prototype contamination and may result in a logical error or other attack.

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2026-02-10

Last Modified

2026-02-24

References

https://cwe.mitre.org/data/definitions/1321.html https://developer.mozilla.org/en-US/docs/Web/Security/Attacks/Prototype_pollution https://www.kb.cert.org/vuls/id/458422 https://github.com/stalniy/casl/tree/master/packages/casl-ability https://access.redhat.com/security/cve/cve-2026-1774