Prototype Pollution in property-expr

🗓️ 06 May 2021 17:47:29Reported by GitHub Advisory DatabaseType

Vulnerability in property-expr package

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
Node.js	Prototype Pollution in property-expr	6 May 202117:30	–	nodejs
CVE	CVE-2020-7707	18 Aug 202014:15	–	cve
NVD	CVE-2020-7707	18 Aug 202014:15	–	nvd
OSV	Prototype Pollution in property-expr	6 May 202117:29	–	osv
OSV	CVE-2020-7707	18 Aug 202014:15	–	osv
Prion	Design/Logic Flaw	18 Aug 202014:15	–	prion
Cvelist	CVE-2020-7707 Prototype Pollution	18 Aug 202013:40	–	cvelist
Veracode	Prototype Pollution	19 Aug 202003:55	–	veracode
IBM Security Bulletins	Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Node.js	9 Dec 202004:41	–	ibm

Vulners

Node

property-expr_project property-exprRange<2.0.3

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-7707
github	www.github.com/jquense/expr/commit/df846910915d59f711ce63c1f817815bceab5ff7
snyk	www.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-598857
snyk	www.snyk.io/vuln/SNYK-JS-PROPERTYEXPR-598800
github	www.github.com/advisories/GHSA-6fw4-hr69-g3rv

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 May 2021 17:29Current

8.9High risk

Vulners AI Score8.9

CVSS27.5

CVSS39.8

EPSS0.01597