CVE-2021-3805 — Vulnetix

Try Vulnetix Request Demo

CVE-2021-3805 PUBLISHED CVSS 7.5 HIGH

Reported by @huntrdev · Published September 17, 2021

object-path is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')

Risk Scores

CVSS v3.0

7.5

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
mariocasciaro	mariocasciaro/object-path	unspecified
mariocasciaro	mariocasciaro/object-path	unspecified, *
npm	object-path	0

Timeline

Sep 17, 2021 CVE Published
Sep 17, 2021 EPSS Score
Oct 5, 2021 EPSS Score
Oct 11, 2021 EPSS Score
Jan 6, 2022 EPSS Score
Jan 9, 2022 EPSS Score
Feb 4, 2022 EPSS Score
Mar 6, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Jun 28, 2022 EPSS Score
Aug 25, 2022 EPSS Score
Oct 21, 2022 EPSS Score

References

Open in Interactive Console →