Описание
All versions of package jsgui-lang-essentials are vulnerable to Prototype Pollution due to allowing all Object attributes to be altered, including their magical attributes such as proto, constructor and prototype.
Ссылки
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
- ExploitIssue TrackingThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:jsgui-lang-essentials_project:jsgui-lang-essentials:*:*:*:*:*:*:*:*
EPSS
Процентиль: 58%
0.00363
Низкий
7.7 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-1321
Связанные уязвимости
EPSS
Процентиль: 58%
0.00363
Низкий
7.7 High
CVSS3
9.8 Critical
CVSS3
7.5 High
CVSS2
Дефекты
CWE-1321