Описание
Prototype Pollution in sds
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618
Пакеты
Наименование
sds
npm
Затронутые версииВерсия исправления
<= 4.4.0
Отсутствует
Связанные уязвимости
CVSS3: 4
nvd
больше 3 лет назад
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123)