CVE-2022-25862
4
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L/E:P
Summary
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to CVE-2020-7618
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | sds | 0.0.0 < unspecified | affected |
Weaknesses
- Prototype Pollution
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.