CVE-2022-25871 Information

Description

All versions of package querymen are vulnerable to Prototype Pollution if the parameters of exported function handler(type name fn) can be controlled by users without any sanitization. Note: This vulnerability derives from an incomplete fix of CVE-2020-7600.

Reference

https://snyk.io/vuln/SNYK-JS-QUERYMEN-2391488