5 matches found
@draadnl/openstad-cms (>=0.12.2 <=0.12.3), @ngodn/apostrophe (>=2.94.2 <=2.94.7) +38 more potentially affected by CVE-2022-21231 via deep-get-set (>=0.1.1 <=1.1.1)
deep-get-set NPM version =0.1.1, =0.12.2, =2.94.2, =1.3.0, =0.0.1, =0.5.235, =2.94.1, =0.5.0, =0.5.0, =1.0.0, =0.0.1, =0.0.1, =0.0.1, =2.93.0, =2.93.2 and more Source cves: CVE-2022-21231 Source advisory: OSV:GHSA-MJJJ-6P43-VHHV...
CVE-2022-21231
All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...
CVE-2022-21231 Prototype Pollution
All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...
CVE-2022-21231
CVE-2022-21231 affects the deep-get-set package; all versions are vulnerable to prototype pollution via the deep function. The vulnerability stems from an incomplete fix of CVE-2020-7715. The available references describe the issue as a prototype pollution risk that could allow modification of Ob...
CVE-2022-21231
All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715...