Lucene search
GoogleOSV:GHSA-92XJ-MQP7-VMCJHistorySep 14, 2020 - 9:42 p.m.
Prototype Pollution in node-forge
2020-09-1421:42:09
Google
osv.dev
8
0.002 Low
EPSS
Percentile
59.1%
The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: version 0.10.0 is a breaking change removing the vulnerable functions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| node-forge | lt | 0.10.0 |
References
github.com/digitalbazaar/forge
github.com/digitalbazaar/forge/blob/master/CHANGELOG.md
github.com/digitalbazaar/forge/blob/master/CHANGELOG.md#removed
github.com/digitalbazaar/forge/commit/6a1e3ef74f6eb345bcff1b82184201d1e28b6756
nvd.nist.gov/vuln/detail/CVE-2020-7720
snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-609293
snyk.io/vuln/SNYK-JS-NODEFORGE-598677
Related
ibm
ibm
osv
osv
CVE-2020-7720
2020-09-01 10:15:10
Prototype Pollution in node-forge util.setPath API
2022-01-08 00:22:40
nvd
nvd
CVE-2020-7720
2020-09-01 10:15:10
cve
cve
CVE-2020-7720
2020-09-01 10:15:10
ubuntucve
ubuntucve
CVE-2020-7720
2020-09-01 00:00:00
nodejs
nodejs
Prototype Pollution in node-forge
2020-09-30 18:39:48
github
github
Prototype Pollution in node-forge util.setPath API
2022-01-08 00:22:40
Prototype Pollution in node-forge
2020-09-14 21:42:09
prion
prion
Design/Logic Flaw
2020-09-01 10:15:00
githubexploit
githubexploit
redhatcve
redhatcve
CVE-2020-7720
2020-09-01 18:18:38
veracode
veracode
Prototype Pollution
2020-09-02 06:31:08
debiancve
debiancve
CVE-2020-7720
2020-09-01 10:15:10
cvelist
cvelist
CVE-2020-7720 Prototype Pollution
2020-09-01 00:00:00
redhat
redhat