Prototype Pollution in deep-get-set
High severity
GitHub Reviewed
Published
Jun 25, 2022
to the GitHub Advisory Database
•
Updated Jan 27, 2023
Description
Published by the National Vulnerability Database
Jun 24, 2022
Published to the GitHub Advisory Database
Jun 25, 2022
Reviewed
Jun 29, 2022
Last updated
Jan 27, 2023
All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. Note: This vulnerability derives from an incomplete fix of CVE-2020-7715
References