Описание
This affects all versions of package Proto. It is possible to inject pollute the object property of an application using Proto by leveraging the merge function.
Ссылки
- ExploitMitigationThird Party Advisory
- ProductThird Party Advisory
- ExploitMitigationThird Party Advisory
- ProductThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:proto_project:proto:-:*:*:*:*:node.js:*:*
EPSS
Процентиль: 49%
0.00263
Низкий
5.6 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
EPSS
Процентиль: 49%
0.00263
Низкий
5.6 Medium
CVSS3
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
NVD-CWE-Other