Lucene search

K
osvGoogleOSV:CVE-2019-10747
HistoryAug 23, 2019 - 5:15 p.m.

CVE-2019-10747

2019-08-2317:15:13
Google
osv.dev
11
set-value
vulnerability
cve-2019-10747
prototype pollution
software

AI Score

7

Confidence

Low

EPSS

0.006

Percentile

77.9%

set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and proto payloads.