CVE-2019-10745
N/A
N/A
Summary
assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. The function assign-deep could be tricked into adding or modifying properties of Object.prototype using either a constructor or a proto payload.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | assign-deep | All versions prior to 0.4.8 and version 1.0.0 | affected |
Weaknesses
- Prototype Pollution
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.