Количество 2
Количество 2
CVE-2021-23507
около 4 лет назад
The package object-path-set before 1.0.2 are vulnerable to Prototype Pollution via the setPath method, as it allows an attacker to merge object prototypes into it. *Note:* This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-OBJECTPATHSET-607908
CVSS3: 7.5
EPSS: Низкий
GHSA-h6pr-c536-6rjg
около 4 лет назад
Prototype Pollution in object-path-set
CVSS3: 7.5
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-23507 The package object-path-set before 1.0.2 are vulnerable to Prototype Pollution via the setPath method, as it allows an attacker to merge object prototypes into it. *Note:* This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-OBJECTPATHSET-607908 | CVSS3: 7.5 | 1% Низкий | около 4 лет назад |
| GHSA-h6pr-c536-6rjg Prototype Pollution in object-path-set | CVSS3: 7.5 | 1% Низкий | около 4 лет назад |
Уязвимостей на страницу
20