Lucene search

K
cvelistHackeroneCVELIST:CVE-2018-16472
HistoryNov 06, 2018 - 12:00 a.m.

CVE-2018-16472

2018-11-0600:00:00
CWE-400
hackerone
www.cve.org

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.4%

A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.

CNA Affected

[
  {
    "vendor": "npm",
    "product": "cached-path-relative",
    "versions": [
      {
        "version": "<=1.0.1",
        "status": "affected"
      }
    ]
  }
]

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

40.4%