Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2020-7720HistorySep 01, 2020 - 10:15 a.m.
CVE-2020-7720
2020-09-0110:15:00
Debian Security Bug Tracker
security-tracker.debian.org
15
0.002 Low
EPSS
Percentile
58.7%
The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 11 | all | node-node-forge | < 0.10.0~dfsg-1 | node-node-forge_0.10.0~dfsg-1_all.deb |
| Debian | 10 | all | node-node-forge | <= 0.8.1~dfsg-1+deb10u1 | node-node-forge_0.8.1~dfsg-1+deb10u1_all.deb |
| Debian | 999 | all | node-node-forge | < 0.10.0~dfsg-1 | node-node-forge_0.10.0~dfsg-1_all.deb |
Related
osv
osv
CVE-2020-7720
2020-09-01 10:15:10
Prototype Pollution in node-forge
2020-09-14 21:42:09
Prototype Pollution in node-forge util.setPath API
2022-01-08 00:22:40
ibm
ibm
redhatcve
redhatcve
CVE-2020-7720
2020-09-01 18:18:38
githubexploit
githubexploit
prion
prion
Design/Logic Flaw
2020-09-01 10:15:00
veracode
veracode
Prototype Pollution
2020-09-02 06:31:08
cvelist
cvelist
CVE-2020-7720 Prototype Pollution
2020-09-01 00:00:00
github
github
Prototype Pollution in node-forge
2020-09-14 21:42:09
Prototype Pollution in node-forge util.setPath API
2022-01-08 00:22:40
nodejs
nodejs
Prototype Pollution in node-forge
2020-09-30 18:39:48
cve
cve
CVE-2020-7720
2020-09-01 10:15:00
ubuntucve
ubuntucve
CVE-2020-7720
2020-09-01 00:00:00
redhat
redhat