Lucene search
+L

8 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-6095

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01313EPSS
Exploits1References3
Veracode
Veracode
added 2022/06/27 5:41 a.m.20 views

Prototype Pollution

deep-get-set is vulnerable to prototype pollution. The vulnerability exists due to an incomplete fix of CVE-2020-7715, allowing an attacker to get control of value of “deep” and modify attributes such as proto, constructor and prototype...

9.8CVSS8.9AI score0.01965EPSS
Exploits2References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/06/25 12:0 a.m.33 views

Prototype Pollution in deep-get-set

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

9.8CVSS5.3AI score0.01313EPSS
Exploits1References3Affected Software1
NVD
NVD
added 2022/06/24 8:15 p.m.31 views

CVE-2022-21231

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

9.8CVSS0.01313EPSS
Exploits1References1
Prion
Prion
added 2022/06/24 8:15 p.m.24 views

Design/Logic Flaw

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

7.5CVSS9.4AI score0.01965EPSS
Exploits2References1
vulnersOsv
vulnersOsv
added 2021/05/06 6:12 p.m.4 views

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), @ngodn/apostrophe (>=2.94.2 <=2.94.7) +37 more potentially affected by CVE-2020-7715 via deep-get-set (=0.1.1)

deep-get-set NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on deep-get-set and may be impacted: - @draadnl/openstad-cms =0.12.2, =2.94.2, =1.3.0, =0.0.1, =0.5.235, =2.94.1, =0.5.0, =0.5.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =2.93.0,...

9.8CVSS7.2AI score0.01965EPSS
Exploits1
NVD
NVD
added 2020/09/01 10:15 a.m.30 views

CVE-2020-7715

All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function...

9.8CVSS8.6AI score0.01965EPSS
Exploits1References1
CVE
CVE
added 2020/09/01 9:20 a.m.71 views

CVE-2020-7715

CVE-2020-7715 affects the npm package deep-get-set . The vulnerability is a prototype pollution flaw in the main function, arising from an incomplete fix, allowing an attacker to pollute Object.prototype (e.g., via the key path "proto " or related paths). Affected versions are those before the re...

9.8CVSS8.5AI score0.01965EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder