VDB
CVE-2021-3805
CVE-2021-3805
PUBLISHED
CVSS 7.5 HIGH
Reported by @huntrdev · Published September 17, 2021
object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
Risk Scores
CVSS 3.0
7.5
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| mariocasciaro | mariocasciaro/object-path | unspecified |
| mariocasciaro | mariocasciaro/object-path | unspecified, * |
| npm | object-path | 0 |
Timeline
- Sep 17, 2021 CVE Published
- Sep 17, 2021 EPSS Score
- Oct 5, 2021 EPSS Score
- Oct 11, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Jan 10, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 8, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 1, 2022 EPSS Score
- Aug 28, 2022 EPSS Score
- Oct 25, 2022 EPSS Score