npm package
deephas
pkg:npm/deephas
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-25047 | — | < 1.0.8 | 1.0.8 | Jan 29, 2026 | deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8 | ||
| CVE-2020-28271 | Cri | 9.8 | >= 1.0.0, <= 1.0.5 | — | Nov 12, 2020 | Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. |
- CVE-2026-25047Jan 29, 2026affected < 1.0.8fixed 1.0.8
deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8
- affected >= 1.0.0, <= 1.0.5
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution.