Lucene search
GoogleOSV:CVE-2023-26106HistoryMar 06, 2023 - 5:15 a.m.
CVE-2023-26106
2023-03-0605:15:12
Google
osv.dev
4
dot-lens
vulnerable
prototype pollution
set() function
index.js file
software
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
41.4%
All versions of the package dot-lens are vulnerable to Prototype Pollution via the set() function in index.js file.
Related
osv
osv
dot-lens vulnerable to Prototype Pollution
2023-03-06 06:30:18
prion
prion
Design/Logic Flaw
2023-03-06 05:15:00
veracode
veracode
Prototype Pollution
2023-08-22 05:01:11
nvd
nvd
CVE-2023-26106
2023-03-06 05:15:12
github
github
dot-lens vulnerable to Prototype Pollution
2023-03-06 06:30:18
cvelist
cvelist
CVE-2023-26106
2023-03-06 05:00:01
cve
cve
CVE-2023-26106
2023-03-06 05:15:12
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
0.001
Percentile
41.4%
Related for OSV:CVE-2023-26106