GHSA-35pj-cxpm-pvh5

Опубликовано: 24 мая 2022

Источник: github

Github: Не прошло ревью

Описание

Prototype pollution vulnerability in 'cache-base' versions 0.7.0 through 4.0.0 allows attacker to cause a denial of service and may lead to remote code execution.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2020-28275
https://github.com/jonschlinkert/cache-base/blob/e4d50b78a57099aedabce9baff8c1b3212099c99/index.js#L71
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28275

CVE ID

CVE-2020-28275

Связанные уязвимости

CVE-2020-28275

nvd

около 5 лет назад

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

CVE ID

CVE-2020-28275