All versions of dset
prior to 3.1.2 are vulnerable to Prototype Pollution via dset/merge
mode, as the dset
function checks for prototype pollution by validating if the top-level path contains __proto__
, constructor
or prototype
. By crafting a malicious object, it is possible to bypass this check and achieve prototype pollution.
CPE | Name | Operator | Version |
---|---|---|---|
org.webjars.npm:dset | eq | 3.1.1 | |
org.webjars.npm:dset | eq | 3.0.0 | |
org.webjars.npm:dset | eq | 3.1.0 | |
dset | lt | 3.1.2 |