Skip to main content

Json8 Merge Patch

1 CVEs product

Monthly

CVE-2020-8268 npm HIGH POC PATCH This Week

Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js Code Injection Json8 Merge Patch
NVD
CVSS 3.1
7.5
EPSS
1.3%
EPSS 1% CVSS 7.5
HIGH POC PATCH This Week

Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Node.js Code Injection Json8 Merge Patch
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy