CVE-2020-7643
N/A
N/A
Summary
paypal-adaptive through 0.4.2 manipulation of JavaScript objects resulting in Prototype Pollution. The PayPal function could be tricked into adding or modifying properties of Object.prototype using a proto payload.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | paypal-adaptive | All versions including 0.4.2 | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://github.com/Ideame/paypal-adaptive-sdk-nodejs/blob/master/lib/paypal-adaptive.js#L31
- https://snyk.io/vuln/SNYK-JS-PAYPALADAPTIVE-565089
References
- https://github.com/Ideame/paypal-adaptive-sdk-nodejs/blob/master/lib/paypal-adaptive.js#L31
- https://snyk.io/vuln/SNYK-JS-PAYPALADAPTIVE-565089
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.