Skip to main content

Object Path

3 CVEs product

Monthly

CVE-2021-3805 npm HIGH POC PATCH This Week

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Object Path Debian Linux
NVD GitHub
CVSS 3.1
7.5
EPSS
2.1%
CVE-2021-23434 npm HIGH POC PATCH This Week

This affects the package object-path before 0.11.6. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Object Path Debian Linux
NVD GitHub
CVSS 3.1
8.6
EPSS
1.9%
CVE-2020-15256 npm CRITICAL PATCH Act Now

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Object Path
NVD GitHub
CVSS 3.1
9.8
EPSS
1.5%
EPSS 2% CVSS 7.5
HIGH POC PATCH This Week

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution'). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Prototype Pollution Information Disclosure Object Path +1
NVD GitHub
EPSS 2% CVSS 8.6
HIGH POC PATCH This Week

This affects the package object-path before 0.11.6. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Memory Corruption Authentication Bypass Object Path +1
NVD GitHub
EPSS 2% CVSS 9.8
CRITICAL PATCH Act Now

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Object Path
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy