EPSS
Percentile
82.0%
safe-obj is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/mantacode/safe-obj/blob/6ab63529182b6cf11704ac84f10800290afd3f9f/lib/index.js#L122
github.com/mantacode/safe-obj/blob/v0.0.8/safe.js#L18
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25928