rhalff/dot-object

Releases43

Frequency2 months 4 weeks

Last Release about 2 years ago

Stars482

Transform json objects using dot notation

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-10793 ↗	Feb 18, 2020Tuesday, 18 February 2020, 16:15	6.3 MEDIUM	6.5 MEDIUM
dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.