CVE-2021-23574

Summary

All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of CVE-2020-28442.

Affected Software

VendorProductVersion RangeStatus
n/ajs-data0 < unspecifiedaffected

Weaknesses

  • Prototype Pollution

ADP Enrichment

CVE Program Container

Additional References

References