Skip to main content

Assign Deep

2 CVEs product

Monthly

CVE-2019-10745 npm HIGH POC PATCH This Week

assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Assign Deep
NVD
CVSS 3.1
7.5
EPSS
1.1%
CVE-2018-3720 npm HIGH POC PATCH This Week

assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Assign Deep
NVD GitHub
CVSS 3.1
8.8
EPSS
2.0%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

assign-deep is vulnerable to Prototype Pollution in versions before 0.4.8 and version 1.0.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Prototype Pollution Information Disclosure Assign Deep
NVD
EPSS 2% CVSS 8.8
HIGH POC PATCH This Week

assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__,. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Assign Deep
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy