npm package
js-data
pkg:npm/js-data
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-23574 | — | <= 3.0.10 | — | Dec 24, 2021 | All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655). | ||
| CVE-2020-28442 | — | < 3.0.10 | 3.0.10 | Dec 15, 2020 | All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function. |
- CVE-2021-23574Dec 24, 2021affected <= 3.0.10
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](https://snyk.io/vuln/SNYK-JS-JSDATA-1023655).
- CVE-2020-28442Dec 15, 2020affected < 3.0.10fixed 3.0.10
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function.