0.011 Low
EPSS
Percentile
84.7%
dset is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/lukeed/dset/blob/50a6ead172d1466a96035eff00f8eb465ccd050a/src/index.js#L6
www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28277