Lucene search
SnykCVELIST:CVE-2020-7774HistoryNov 17, 2020 - 12:30 p.m.
CVE-2020-7774 Prototype Pollution
2020-11-1712:30:20
snyk
www.cve.org
10
cve-2020-7774
prototype pollution
y18n
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
AI Score
9.6
Confidence
High
EPSS
0.338
Percentile
97.1%
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
CNA Affected
[
{
"vendor": "n/a",
"product": "y18n",
"versions": [
{
"version": "unspecified",
"lessThan": "5.0.5",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
debiancve
debiancve
CVE-2020-7774
2020-11-17 13:15:12
ibm
ibm
cve
cve
CVE-2020-7774
2020-11-17 13:15:12
redhatcve
redhatcve
CVE-2020-7774
2020-11-17 20:08:56
ubuntucve
ubuntucve
CVE-2020-7774
2020-11-17 00:00:00
nodejs
nodejs
Prototype Pollution
2021-03-12 23:16:43
osv
osv
CVE-2020-7774
2020-11-17 13:15:12
Prototype Pollution in y18n
2021-03-29 16:05:12
Moderate: nodejs:12 security and bug fix update
2020-12-15 16:03:21
alpinelinux
alpinelinux
CVE-2020-7774
2020-11-17 13:15:12
huntr
huntr
Prototype Pollution in yargs/y18n
2020-10-15 00:00:00
veracode
veracode
Prototype Pollution
2020-10-21 09:45:49
github
github
Prototype Pollution in y18n
2021-03-29 16:05:12
prion
prion
Code injection
2020-11-17 13:15:00
nvd
nvd
CVE-2020-7774
2020-11-17 13:15:12
nodejsblog
nodejsblog
April 2021 Security Releases
2021-04-06 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2021-0372)
2022-01-28 00:00:00
openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2021:2618-1)
2021-08-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2021:2618-1)
2021-08-06 00:00:00
nessus
nessus
SUSE SLES15 Security Update : nodejs8 (SUSE-SU-2021:2618-1)
2021-08-06 00:00:00
Oracle Linux 8 : nodejs:12 (ELSA-2020-5499)
2020-12-17 00:00:00
openSUSE 15 Security Update : nodejs8 (openSUSE-SU-2021:2618-1)
2021-08-06 00:00:00
suse
suse
Security update for nodejs8 (important)
2021-08-10 00:00:00
Security update for nodejs8 (important)
2021-08-05 00:00:00
Security update for nodejs14 (important)
2021-07-20 00:00:00
oraclelinux
oraclelinux
nodejs:12 security and bug fix update
2020-12-17 00:00:00
nodejs:14 security and bug fix update
2021-02-20 00:00:00
nodejs:10 security update
2021-02-20 00:00:00
almalinux
almalinux
Moderate: nodejs:12 security and bug fix update
2020-12-15 16:03:21
Moderate: nodejs:14 security and bug fix update
2021-02-16 07:34:42
Moderate: nodejs:10 security update
2021-02-16 07:34:15
mageia
mageia
Updated nodejs packages fix security vulnerabilities
2021-07-25 17:45:06
freebsd
freebsd
Node.js -- April 2021 Security Releases
2021-04-06 00:00:00
rocky
rocky
nodejs:12 security and bug fix update
2020-12-15 16:03:21
nodejs:14 security and bug fix update
2021-02-16 07:34:42
nodejs:10 security update
2021-02-16 07:34:15
redhat
redhat
(RHSA-2020:5305) Moderate: rh-nodejs12-nodejs security update
2020-12-01 14:18:32
(RHSA-2020:5499) Moderate: nodejs:12 security and bug fix update
2020-12-15 16:03:21
(RHSA-2021:0421) Moderate: rh-nodejs14-nodejs security update
2021-02-04 16:46:24
gentoo
gentoo
Node.js: Multiple Vulnerabilities
2024-05-08 00:00:00
ics
ics
Siemens SINEC INS
2022-03-10 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00
CVSS3
7.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P
AI Score
9.6
Confidence
High
EPSS
0.338
Percentile
97.1%
Related for CVELIST:CVE-2020-7774