Lucene search

Dot Project Security Vulnerabilities

cve

CVE-2023-26106

All versions of the package dot-lens are vulnerable to Prototype Pollution via the set() function in index.js...

7.5CVSS

7.5AI Score

0.001EPSS

2023-03-06 05:15 AM

cve

CVE-2020-7639

eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a 'proto'...

5.3CVSS

5.2AI Score

0.001EPSS

2020-04-06 01:15 PM

cve

CVE-2020-7717

All versions of package dot-notes are vulnerable to Prototype Pollution via the create...

9.8CVSS

9.4AI Score

0.005EPSS

2020-09-01 10:15 AM

cve

CVE-2020-8141

The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on...

8.8CVSS

8.4AI Score

0.001EPSS

2020-03-15 06:15 PM

cve

CVE-2019-10793

dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto...

6.3CVSS

6.3AI Score

0.001EPSS

2020-02-18 04:15 PM

cve

CVE-2020-8116

Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as...

7.3CVSS

7.2AI Score

0.002EPSS

2020-02-04 08:15 PM

124