VDB
KO
MEDIUM 5.3

GHSA-wfwq-xc57-fq7v

eivindfjeldstad-dot contains prototype pollution vulnerability

Details

eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / @eivifj/dot
Introduced in: 0 Fixed in: 1.0.3
Fix npm install @eivifj/dot@1.0.3

References