2 matches found
CVE-2020-7618
CVE-2020-7618 affects the sds package up to 3.2.0. The issue is Prototype Pollution via the set.js function, allowing manipulation of Object.prototype. Affected components: sds (monsterkodi/sds); root cause is unsafe prototype modification through js/set.js. Potential impact includes pollution of...
CVE-2022-25862
The CVE-2022-25862 entry concerns the npm package sds, affected from version 0.0.0 onward. The vulnerability is a prototype pollution flaw caused by the set function in js/set.js, which can allow an attacker to add or modify properties on Object.prototype. This defect stems from an incomplete fix...