npm package
madlib-object-utils
pkg:npm/madlib-object-utils
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-24279 | — | < 0.1.8 | 0.1.8 | Apr 15, 2022 | The package madlib-object-utils before 0.1.8 are vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. *Note:* This vulnerability derives from an incomplete fix of [CVE-2020-7701](https://security.snyk.io/vuln/SNYK | ||
| CVE-2020-7701 | — | < 0.1.7 | 0.1.7 | Aug 14, 2020 | madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue. |
- CVE-2022-24279Apr 15, 2022affected < 0.1.8fixed 0.1.8
The package madlib-object-utils before 0.1.8 are vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. *Note:* This vulnerability derives from an incomplete fix of [CVE-2020-7701](https://security.snyk.io/vuln/SNYK
- CVE-2020-7701Aug 14, 2020affected < 0.1.7fixed 0.1.7
madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue.