Lucene search
+L

8 matches found

euvd
euvd
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-6095

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01313EPSS
Exploits1References3
veracode
veracode
added 2022/06/27 5:41 a.m.19 views

Prototype Pollution

deep-get-set is vulnerable to prototype pollution. The vulnerability exists due to an incomplete fix of CVE-2020-7715, allowing an attacker to get control of value of “deep” and modify attributes such as proto, constructor and prototype...

9.8CVSS8.9AI score0.01965EPSS
Exploits2References2Affected Software1
github
github
added 2022/06/25 12:0 a.m.33 views

Prototype Pollution in deep-get-set

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

9.8CVSS5.3AI score0.01313EPSS
Exploits1References3Affected Software1
nvd
nvd
added 2022/06/24 8:15 p.m.31 views

CVE-2022-21231

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

9.8CVSS0.01313EPSS
Exploits1References1
prion
prion
added 2022/06/24 8:15 p.m.23 views

Design/Logic Flaw

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...

7.5CVSS9.4AI score0.01965EPSS
Exploits2References1
vulnersosv
vulnersosv
added 2021/05/06 6:12 p.m.3 views

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), @ngodn/apostrophe (>=2.94.2 <=2.94.7) +37 more potentially affected by CVE-2020-7715 via deep-get-set (=0.1.1)

deep-get-set NPM version =0.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on deep-get-set and may be impacted: - @draadnl/openstad-cms =0.12.2, =2.94.2, =1.3.0, =0.0.1, =0.5.235, =2.94.1, =0.5.0, =0.5.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =2.93.0,...

9.8CVSS7.2AI score0.01965EPSS
Exploits1
nvd
nvd
added 2020/09/01 10:15 a.m.30 views

CVE-2020-7715

All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function...

9.8CVSS8.6AI score0.01965EPSS
Exploits1References1
cve
cve
added 2020/09/01 9:20 a.m.69 views

CVE-2020-7715

CVE-2020-7715 affects the npm package deep-get-set . The vulnerability is a prototype pollution flaw in the main function, arising from an incomplete fix, allowing an attacker to pollute Object.prototype (e.g., via the key path "proto " or related paths). Affected versions are those before the re...

9.8CVSS8.5AI score0.01965EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder