Количество 2
Количество 2
CVE-2022-41713
больше 3 лет назад
deep-object-diff version 1.1.0 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the '__proto__' property to be edited.
CVSS3: 5.3
EPSS: Низкий
GHSA-653v-rqx9-j85p
больше 3 лет назад
deep-object-diff vulnerable to Prototype Pollution
CVSS3: 5.3
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-41713 deep-object-diff version 1.1.0 allows an external attacker to edit or add new properties to an object. This is possible because the application does not properly validate incoming JSON keys, thus allowing the '__proto__' property to be edited. | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-653v-rqx9-j85p deep-object-diff vulnerable to Prototype Pollution | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20