CVE-2020-7707

Published August 18th, 2020

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

7.5

HIGH

Affected

1

PROJECT

Description

The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function.

tiny util for getting and setting deep object props safely

GitHub

26