Lucene search
AnonymousNODEJS:1607HistoryFeb 19, 2021 - 7:44 p.m.
Prototype Pollution
2021-02-1919:44:46
Anonymous
www.npmjs.com
64
0.003 Low
EPSS
Percentile
69.2%
Overview
Affected versions of jointjs are vulnerable to Prototype Pollution via util.setByPath. The path used the access the object’s key and set the value is not properly sanitized, leading to a Prototype Pollution.
Recommendation
Update to fixed version 3.3.0 or later
References
Related
cve
cve
CVE-2020-28480
2021-01-19 15:15:11
CVE-2021-23444
2021-09-21 17:15:09
prion
prion
Path traversal
2021-01-19 15:15:00
Type confusion
2021-09-21 17:15:00
cvelist
cvelist
CVE-2020-28480 Prototype Pollution
2021-01-19 00:00:00
CVE-2021-23444 Prototype Pollution
2021-09-21 00:00:00
huntr
huntr
Prototype Pollution in clientio/joint
2021-09-05 06:40:24
nvd
nvd
CVE-2020-28480
2021-01-19 15:15:11
CVE-2021-23444
2021-09-21 17:15:09
veracode
veracode
Prototype Pollution
2021-01-20 03:22:06
osv
osv
Prototype pollution in JointJS
2021-01-20 21:21:16
CVE-2020-28480
2021-01-19 15:15:11
CVE-2021-23444
2021-09-21 17:15:09
github
github
Prototype pollution in JointJS
2021-01-20 21:21:16
Prototype Pollution in jointjs
2021-09-22 20:36:34