0.006 Low
EPSS
Percentile
79.5%
deepref is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/isaymatato/deepref/commit/24935e6a1060cb09c641d3075982f0b44cfca4c2
www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28274,https://github.com/isaymatato/deepref/commit/24935e6a1060cb09c641d3075982f0b44cfca4c2