npm package
dot-object
pkg:npm/dot-object
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-10793 | — | < 2.1.3 | 2.1.3 | Feb 18, 2020 | dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload. |
- CVE-2019-10793Feb 18, 2020affected < 2.1.3fixed 2.1.3
dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.