npm package
deeply
pkg:npm/deeply
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10750 | — | < 3.1.0 | 3.1.0 | Aug 23, 2019 | deeply is vulnerable to Prototype Pollution in versions before 3.1.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using using a _proto_ payload. |
- CVE-2019-10750Aug 23, 2019affected < 3.1.0fixed 3.1.0
deeply is vulnerable to Prototype Pollution in versions before 3.1.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using using a _proto_ payload.