2 matches found
CVE-2021-23574
The CVE-2021-23574 entry covers a Prototype Pollution vulnerability in the js-data package triggered via deepFillIn and set, with root cause in object contamination and an impact profile of high severity. Connected documents corroborate this as a js-data issue and note the pollution affects all v...
CVE-2021-23574 Prototype Pollution
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of CVE-2020-28442...