The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.
9.8CVSS
9.2AI Score
0.004EPSS
The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. Note: This vulnerability derives from an incomplete fix in CVE-2020-7736
9.8CVSS
9.2AI Score
0.004EPSS