GitHub Advisory DatabaseGHSA-P3HC-FV2J-RP68Prototype Pollution in swiper
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
87.3%
Versions of the package swiper before 6.5.1 are susceptible to prototype pollution.
Affected configurations
References
github.com/advisories/GHSA-p3hc-fv2j-rp68
github.com/nolimits4web/swiper/blob/master/CHANGELOG.md#651-2021-03-29
github.com/nolimits4web/swiper/commit/9dad2739b7474f383474773d5ab898a0c29ac178
github.com/nolimits4web/Swiper/commit/ec358deab79a8cd2529465f07a0ead5dbcc264ad
nvd.nist.gov/vuln/detail/CVE-2021-23370
snyk.io/vuln/SNYK-JAVA-ORGWEBJARS-1244698
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1244699
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWERGITHUBNOLIMITS4WEB-1244697
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1244696
snyk.io/vuln/SNYK-JS-SWIPER-1088062
Related
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
87.3%