0.012 Low
EPSS
Percentile
84.9%
dotty is vulnerable to prototype pollution. An attacker is able to inject properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/deoxxa/dotty/commit/cd997d37917186c131be71501a698803f2b7ebdb
github.com/deoxxa/dotty/pull/26
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25912