Skip to main content

Underscore Keypath

1 CVEs product

Monthly

CVE-2023-26139 npm HIGH This Week

Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Prototype Pollution Underscore Keypath
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
EPSS 1% CVSS 7.5
HIGH This Week

Versions of the package underscore-keypath from 0.0.11 are vulnerable to Prototype Pollution via the name argument of the setProperty() function. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Prototype Pollution Underscore Keypath
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy