Описание
dottie vulnerable to Prototype Pollution
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.
Пакеты
Наименование
dottie
npm
Затронутые версииВерсия исправления
< 2.0.4
2.0.4
Связанные уязвимости
CVSS3: 7.5
ubuntu
больше 2 лет назад
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.
CVSS3: 7.5
nvd
больше 2 лет назад
Versions of the package dottie before 2.0.4 are vulnerable to Prototype Pollution due to insufficient checks, via the set() function and the current variable in the /dottie.js file.
CVSS3: 7.5
debian
больше 2 лет назад
Versions of the package dottie before 2.0.4 are vulnerable to Prototyp ...