Lucene search

K
prionPRIOn knowledge basePRION:CVE-2020-28460
HistoryDec 22, 2020 - 1:15 p.m.

Type confusion

2020-12-2213:15:00
PRIOn knowledge base
www.prio-n.com
6

8.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

This affects the package multi-ini before 2.1.2. It is possible to pollute an object’s prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.

CPENameOperatorVersion
multi-inilt2.1.2

8.8 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

78.7%

Related for PRION:CVE-2020-28460