EPSS
Percentile
77.6%
grpc is vulnerable to prototype pollution. The vulnerability exists through loadPackageDefinition, where the prototype of the class of the object can be set through arbitrary values of __proto__.
__proto__
github.com/grpc/grpc-node/commit/23b3795a4d54a16ac3dd40a7d3c65f3ba33943ef
github.com/grpc/grpc-node/commit/afe4c3e0825d0b0256a0f994c7087115d508c580
github.com/grpc/grpc-node/pull/1605
github.com/grpc/grpc-node/pull/1606