2 matches found
CVE-2020-7638
confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto' payload...
CVE-2020-7638
Vulnerability summary: confinit up to version 0.3.0 is affected by prototype pollution through the setDeepProperty function, which can be tricked into adding or modifying properties on Object.prototype via a proto payload. This could enable attacker-controlled changes to the prototype chain. Affe...