CVE-2021-23432

Опубликовано: 24 авг. 2021

Источник: nvd

CVSS3: 5.4

CVSS3: 9.8

CVSS2: 7.5

EPSS Низкий

Описание

This affects all versions of package mootools. This is due to the ability to pass untrusted input to Object.merge()

Конфигурация 1

cpe:2.3:a:mootools_project:mootools:*:*:*:*:*:node.js:*:*

EPSS

Процентиль: 53%

0.00303

Низкий

5.4 Medium

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

NVD-CWE-noinfo

CVE-2021-23432

CVSS3: 5.4

ubuntu

больше 4 лет назад

This affects all versions of package mootools. This is due to the ability to pass untrusted input to Object.merge()

GHSA-x6hx-7gh3-3q98

CVSS3: 5.4

github

больше 4 лет назад

Prototype Pollution in mootools

EPSS

Процентиль: 53%

0.00303

Низкий

5.4 Medium

CVSS3

9.8 Critical

CVSS3

7.5 High

CVSS2

NVD-CWE-noinfo