Prototype Pollution

2020-12-0906:58:18

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.006 Low

EPSS

Percentile

79.5%

JSON

deepref is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.

CPENameOperatorVersion
deeprefle1.2.1

CPE	Name	Operator	Version
	deepref	le	1.2.1

References

github.com/isaymatato/deepref/commit/24935e6a1060cb09c641d3075982f0b44cfca4c2

www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28274,https://github.com/isaymatato/deepref/commit/24935e6a1060cb09c641d3075982f0b44cfca4c2

0.006 Low

EPSS

Percentile

79.5%

JSON

Related for VERACODE:28518