Description

All versions of package deeps are vulnerable to Prototype Pollution via the set function.

Remediation

References

https://snyk.io/vuln/SNYK-JS-DEEPS-598667

Related Vulnerabilities

CVE-2020-7760 Vulnerability in maven package org.webjars.bower:codemirror

CVE-2019-1010260 Vulnerability in maven package com.github.shyiko:ktlint

CVE-2012-5817 Vulnerability in maven package org.codehaus.xfire:xfire-core

CVE-2019-18212 Vulnerability in maven package org.lsp4xml:org.eclipse.lsp4xml.extensions.emmet

CVE-2022-37734 Vulnerability in maven package com.graphql-java:graphql-java

Severity

Critical

Classification

CWE-1321 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Exploit Third Party Advisory