All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function.
References
Link | Resource |
---|---|
https://snyk.io/vuln/SNYK-JS-WORKSMITH-598798 | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2020-09-01 10:15
Updated : 2024-02-28 17:47
NVD link : CVE-2020-7725
Mitre link : CVE-2020-7725
CVE.ORG link : CVE-2020-7725
JSON object : View
Products Affected
guidesmiths
- worksmith
CWE
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')