CVE-2020-7770

Summary

This affects the package json8 before 1.0.3. The function adds in the target object the property specified in the path, however it does not properly check the key being set, leading to a prototype pollution.

Affected Software

VendorProductVersion RangeStatus
n/ajson8unspecified < 1.0.3affected

Weaknesses

  • Prototype Pollution

ADP Enrichment

CVE Program Container

Additional References

References