npm package
@strikeentco/set
pkg:npm/%40strikeentco/set
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23497 | — | < 1.0.2 | 1.0.2 | Feb 4, 2022 | This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821 | ||
| CVE-2020-28267 | — | >= 1.0.0, < 1.0.1 | 1.0.1 | Nov 10, 2020 | Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution. |
- CVE-2021-23497Feb 4, 2022affected < 1.0.2fixed 1.0.2
This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821
- CVE-2020-28267Nov 10, 2020affected >= 1.0.0, < 1.0.1fixed 1.0.1
Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution.