VDB
CVE-2021-23820
CVE-2021-23820
PUBLISHED
CVSS 5.599999904632568 MEDIUM
Prototype Pollution in json-pointer
EPSS 0.52% · 67.3th percentile
Risk Scores
CVSS 3.1
5.599999904632568
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
EPSS Score
0.52%
67.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| npm | json-pointer | 0 |
| n/a | json-pointer | 0 |
| manuelstofer | json-pointer | 0 |
Exploit Intelligence
Timeline
- Nov 3, 2021 CVE Published
- Nov 4, 2021 EPSS Score
- Nov 5, 2021 CVE Updated
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Apr 20, 2022 EPSS Score
- Aug 11, 2022 EPSS Score
- Oct 6, 2022 EPSS Score
- Jan 25, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- May 17, 2023 EPSS Score
References
- https://snyk.io/vuln/SNYK-JS-JSONPOINTER-1577287 url
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1910686 url
- https://github.com/manuelstofer/json-pointer/blob/master/index.js%23L78 url
- https://nvd.nist.gov/vuln/detail/CVE-2021-23820 advisory
- https://github.com/manuelstofer/json-pointer/pull/36 url
- https://github.com/manuelstofer/json-pointer/commit/931b0f9c7178ca09778087b4b0ac7e4f505620c2 url
- https://github.com/manuelstofer/json-pointer package