Lucene search

CVE-2020-28277

🗓️ 29 Dec 2020 17:12:15Reported by [email protected]Type

Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 may lead to denial of service and remote code execution

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2020-28277	29 Dec 202017:15	–	cve
Veracode	Prototype Pollution	30 Dec 202004:21	–	veracode
Cvelist	CVE-2020-28277	29 Dec 202016:58	–	cvelist
OSV	dset vulnerable to prototype pollution	24 May 202217:37	–	osv
OSV	CVE-2020-28277	29 Dec 202017:15	–	osv
Github Security Blog	dset vulnerable to prototype pollution	24 May 202217:37	–	github
Prion	Remote code execution	29 Dec 202017:15	–	prion
Huntr	Prototype Pollution in lukeed/dset	10 Jan 202100:00	–	huntr
CNVD	Lukeed dset prototype contamination vulnerability	31 Dec 202000:00	–	cnvd

Nvd

Node

dset_project dsetRange1.0.0–2.0.1node.js

Source	Link
github	www.github.com/lukeed/dset/blob/50a6ead172d1466a96035eff00f8eb465ccd050a/src/index.js
whitesourcesoftware	www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28277

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Dec 2020 17:15Current

9.5High risk

Vulners AI Score9.5

CVSS27.5

CVSS39.8

EPSS0.02354