Lucene search

CVE-2020-28272

🗓️ 02 Dec 2020 15:12:15Reported by MendType

Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows denial of service and remote code execution

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 14
OSV	GHSA-8MP8-28XH-R486 keyget vulnerable to prototype pollution	24 May 202217:35	–	osv
OSV	CVE-2020-28272	2 Dec 202015:15	–	osv
OSV	GHSA-9FP7-4FJM-Q3MF Prototype Pollution in keyget	1 Feb 202200:51	–	osv
Veracode	Prototype Pollution	3 Dec 202001:36	–	veracode
Prion	Remote code execution	2 Dec 202015:15	–	prion
Prion	Remote code execution	28 Jan 202222:15	–	prion
Cvelist	CVE-2020-28272	2 Dec 202014:32	–	cvelist
Cvelist	CVE-2021-23760 Prototype Pollution	28 Jan 202221:31	–	cvelist
NVD	CVE-2020-28272	2 Dec 202015:15	–	nvd
NVD	CVE-2021-23760	28 Jan 202222:15	–	nvd

Nvd

Node

keyget_project keygetRange1.0.1–2.2.0node.js

[
  {
    "product": "keyget",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.1, 2.0.0, 2.0.1, 2.1.0, 2.2.0"
      }
    ]
  }
]

Source	Link
github	www.github.com/rumkin/keyget/commit/17d15b6c75036eb429075a8cfeccfc18094dd2e2
whitesourcesoftware	www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28272

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

02 Dec 2020 15:15Current

9.4High risk

Vulners AI Score9.4

CVSS27.5

CVSS39.8

EPSS0.02883