Lucene search
+L

5 matches found

vulnersosv
vulnersosv
added 2021/05/06 6:12 p.m.8 views

@decentverse/server (>=0.0.1 <=0.0.148), @swapscanner/truffle-hdwallet-provider-klaytn (=1.4.2) +18 more potentially affected by CVE-2020-7717 via dot-notes (>=1.1.1 <=3.1.1)

dot-notes NPM version =1.1.1, =0.0.1, =1.0.0, =1.0.0, =1.0.1, =1.4.0, =1.0.0, =1.6.4, =0.3.1, =0.0.1, =1.0.0, =0.0.1, =0.1.1 and more Source cves: CVE-2020-7717 Source advisory: OSV:GHSA-QR4M-JCVC-3382...

9.8CVSS7.2AI score0.01916EPSS
Exploits1
nvd
nvd
added 2020/09/01 10:15 a.m.24 views

CVE-2020-7717

All versions of package dot-notes are vulnerable to Prototype Pollution via the create function...

9.8CVSS9.6AI score0.01916EPSS
Exploits1References1
cvelist
cvelist
added 2020/09/01 9:25 a.m.29 views

CVE-2020-7717 Prototype Pollution

All versions of package dot-notes are vulnerable to Prototype Pollution via the create function...

9.8CVSS9.6AI score0.01916EPSS
Exploits1References1
cve
cve
added 2020/09/01 9:25 a.m.65 views

CVE-2020-7717

CVE-2020-7717 affects the npm package dot-notes. The connected documents clearly describe a prototype pollution flaw in the create function, enabling an attacker to inject properties into object prototypes. The scope covers versions prior to 3.2.1, with remediation recommending an update to 3.2.1...

9.8CVSS9.5AI score0.01916EPSS
Exploits1References1Affected Software1
vulnersosv
vulnersosv
added 2020/08/14 9:40 a.m.4 views

@decentverse/server (>=0.0.1 <=0.0.148), @swapscanner/truffle-hdwallet-provider-klaytn (=1.4.2) +18 more potentially affected by CVE-2020-7717 via dot-notes (=3.1.1)

dot-notes NPM version =3.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on dot-notes and may be impacted: - @decentverse/server =0.0.1, =1.0.0, =1.0.0, =1.0.1, =1.4.0, =1.0.0, =1.6.4, =0.0.1, =1.0.0, =0.0.1, =0.1.1 and more Source cves: CVE-2020-7717...

9.8CVSS7.2AI score0.01916EPSS
Exploits1
Rows per page
Query Builder