Lucene search

GoogleOSV:GHSA-M7J4-FHG6-XF5V

HistoryDec 17, 2020 - 9:00 p.m.

datatables.net vulnerable to Prototype Pollution due to incomplete fix

2020-12-1721:00:50

Google

osv.dev

124

0.004 Low

EPSS

Percentile

72.2%

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.

CPENameOperatorVersion
datatables.netlt1.10.22

CPE	Name	Operator	Version
	datatables.net	lt	1.10.22

References

github.com/DataTables/DataTablesSrc

github.com/DataTables/DataTablesSrc/commit/a51cbe99fd3d02aa5582f97d4af1615d11a1ea03

github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js%23L2766

nvd.nist.gov/vuln/detail/CVE-2020-28458

snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1051961

snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1051962

snyk.io/vuln/SNYK-JS-DATATABLESNET-1016402

snyk.io/vuln/SNYK-JS-DATATABLESNET-598806

0.004 Low

EPSS

Percentile

72.2%

Related for OSV:GHSA-M7J4-FHG6-XF5V