EPSS
Percentile
5.1%
tree-kit is vulnerable to prototype pollution. The vulnerability exists in the op function of browser/tree-kit.js, due to the improper checks for the key variable which allows an attacker to modify object prototype attributes.
op
browser/tree-kit.js
key
github.com/cronvel/tree-kit/commit/a63f559c50d70e8cb2eaae670dec25d1dbc4afcd
github.com/cronvel/tree-kit/releases/tag/v0.7.0
vuldb.com/?ctiid.216765
vuldb.com/?id.216765