WhiteSource Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

WS-2020-0079

Good to know:

icon

Date: May 20, 2020

unflatten through 1.0.4 is vulnerable to prototype pollution. The function unflatten does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects.

Language: JS

Severity Score

Related Resources (2)

https://www.npmjs.com/advisories/1329
https://www.whitesourcesoftware.com/vulnerability-database/WS-2020-0079

Weakness Type (CWE)

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

CWE-1321

Top Fix

icon

Upgrade Version

No fix version available

Do you need more information?

Contact Us