CVE-2020-28270

2020-11-1217:16:50

Mend

www.cve.org

vulnerability

prototype pollution

denial of service

remote code execution

object-hierarchy-access

cve-2020-28270

AI Score

9.6

Confidence

High

EPSS

0.011

Percentile

84.7%

JSON

Prototype pollution vulnerability in ‘object-hierarchy-access’ versions 0.2.0 through 0.32.0 allows attacker to cause a denial of service and may lead to remote code execution.

CNA Affected

[
  {
    "product": "object-hierarchy-access",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "0.32.0, 0.31.0, 0.30.0, 0.29.1, 0.29.0, 0.28.0, 0.27.1, 0.27.0, 0.26.0, 0.25.2, 0.25.1, 0.25.0, 0.24.0, 0.23.0, 0.22.0, 0.21.0, 0.20.2, 0.20.1, 0.20.0, 0.19.0, 0.18.0, 0.17.0, 0.16.0, 0.15.0, 0.14.1, 0.13.1, 0.12.0, 0.11.0, 0.10.0, 0.9.0, 0.8.0, 0.7.3, 0.7.2, 0.6.0, 0.5.2, 0.5.1, 0.4.3, 0.4.2, 0.4.1, 0.4.0, 0.2.0"
      }
    ]
  }
]