Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Immer Security Vulnerabilities

cve
cve

CVE-2020-28477

This affects all versions of package immer.

7.5CVSS

7.4AI Score

0.002EPSS

2021-01-19 11:15 AM
86
4
cve
cve

CVE-2021-23436

This affects the package immer before 9.0.6. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the path parameter are arrays. In particular, this bypass is possible because the condition (p === "proto " || p === "constructor") in applyPatches_...

9.8CVSS

7.7AI Score

0.006EPSS

2021-09-01 06:15 PM
84
cve
cve

CVE-2021-3757

immer is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

9.8CVSS

9.2AI Score

0.003EPSS

2021-09-02 12:15 PM
72
2