Описание
deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8.
EPSS
Процентиль: 4%
0.0002
Низкий
Дефекты
CWE-1321
Связанные уязвимости
github
8 дней назад
deepHas vulnerable to Prototype Pollution via constructor.prototype
EPSS
Процентиль: 4%
0.0002
Низкий
Дефекты
CWE-1321