sindresorhus/dot-prop

Releases31

Frequency4 months 1 week

Last Release 8 months ago

Stars866

Get, set, or delete a property from a nested object using a dot path

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2020-8116 ↗	Feb 4, 2020Tuesday, 4 February 2020, 20:15	7.3 HIGH	7.5 HIGH
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.