CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
65.3%
Properties-Reader prior to version 2.2.0 is vulnerable to prototype pollution. Version 2.2.0 contains a patch for this issue.
github.com/steveukx/properties
github.com/steveukx/properties/commit/0877cc871db9865f58dd9389ce99e61be05380a5
github.com/steveukx/properties/commit/4e4bc392ecfd0a128f48c1d69f64a0d7194fcaab
github.com/steveukx/properties/issues/40
nvd.nist.gov/vuln/detail/CVE-2020-28471
security.snyk.io/vuln/SNYK-JS-PROPERTIESREADER-1048968