Количество 2
Количество 2
CVE-2022-42743
больше 3 лет назад
deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited.
CVSS3: 5.3
EPSS: Низкий
GHSA-ff9j-pwxg-q5p2
больше 3 лет назад
deep-parse-json vulnerable to Prototype Pollution
CVSS3: 5.3
EPSS: Низкий
Уязвимостей на страницу
20
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-42743 deep-parse-json version 1.0.2 allows an external attacker to edit or add new properties to an object. This is possible because the application does not correctly validate the incoming JSON keys, thus allowing the '__proto__' property to be edited. | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
| GHSA-ff9j-pwxg-q5p2 deep-parse-json vulnerable to Prototype Pollution | CVSS3: 5.3 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу
20