npm package
bmoor
pkg:npm/bmoor
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23558 | Hig | 7.3 | < 0.10.1 | 0.10.1 | Jan 28, 2022 | The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This vulnerability derives from an incomplete fix in [CVE-2020-7736](https://security.snyk.io/vuln/SNYK-JS-BMOOR-598664) | |
| CVE-2020-7736 | Hig | 7.3 | < 0.8.12 | 0.8.12 | Oct 2, 2020 | The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function. |
- affected < 0.10.1fixed 0.10.1
The package bmoor before 0.10.1 are vulnerable to Prototype Pollution due to missing sanitization in set function. **Note:** This vulnerability derives from an incomplete fix in [CVE-2020-7736](https://security.snyk.io/vuln/SNYK-JS-BMOOR-598664)
- affected < 0.8.12fixed 0.8.12
The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.