0.006 Low
EPSS
Percentile
77.8%
dotty is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes via the put function and modify attributes such as __proto__, constructor, and prototype.
put
__proto__
constructor
prototype
github.com/deoxxa/dotty/commit/88f61860dcc274a07a263c32cbe9d44c24ef02d7
github.com/deoxxa/dotty/pull/32