monsterkodi/sds

monsterkodi/sds

Releases27

Frequency2 weeks 2 days

Last Release over 9 years ago

Stars2

structured data search

Log in to subscribe

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2022-25862 ↗	May 13, 2022Friday, 13 May 2022, 20:15	4 MEDIUM	5 MEDIUM
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. Note: This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123)
CVE-2020-7618 ↗	Apr 7, 2020Tuesday, 7 April 2020, 14:15	5.3 MEDIUM	5 MEDIUM
sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'.