AZL-45084 CVE-2020-8116 affecting package js-jquery 3.5.0-4

🗓️ 04 Feb 2020 20:15:13Reported by GoogleType

osv

osv🔗 osv.dev

Prototype pollution in dot-prop up to 4.2.1 and 5.x before 5.1.1 affects js-jquery 3.5.0-4.

Reporter	Title	Published	Views	Family All 74
IBM Security Bulletins	Security Bulletin: Critical Vulnerabilities in libraries used by libraries that IBM Spectrum discover is using (libraries of libraries)	28 Mar 202216:33	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Node.js affect IBM Cloud Pak System	17 Aug 202209:46	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Machine Learning Accelerator on Cloud Pak for Data is vulnerable to multiple vulnerabilities	12 Dec 202317:28	–	ibm
IBM Security Bulletins	Security Bulletin: OSS security Scan issues for Concerto installer.	8 Dec 202006:37	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Cloud Pak for Applications 4.3 nodejs and nodejs-express Appsody stacks is vulnerable to information disclosure, buffer overflow and prototype pollution exposures	8 Jun 202100:42	–	ibm
IBM Security Bulletins	Security Bulletin: Open Source Security issues for NPS console.	15 Dec 202007:03	–	ibm
IBM Security Bulletins	Security Bulletin: OSS scan fixes for Content pos	15 Dec 202006:58	–	ibm
AlmaLinux	Moderate: nodejs:12 security and bug fix update	19 Oct 202007:13	–	almalinux
AlmaLinux	Moderate: nodejs:10 security update	16 Feb 202107:34	–	almalinux
Tenable Nessus	CentOS 8 : nodejs:12 (CESA-2020:4272)	1 Feb 202100:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2020-8116

21 Apr 2026 04:31Current

7.3High risk

Vulners AI Score7.3

CVSS 3.17.3

EPSS0.00764

prototype pollution dot-prop versions javascript library