VDB
DEBIAN-CVE-2020-8116
DEBIAN-CVE-2020-8116
PUBLISHED
CVSS 7.300000190734863 HIGH
Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1 and versions 5.x before 5.1.1 allows an attacker to add arbitrary properties to JavaScript language constructs such as objects.
Risk Scores
CVSS v3.1
7.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:11 | node-dot-prop | 0, 0, 0 |
| Debian:12 | node-dot-prop | 0, 0, 0 |
| Debian:13 | node-dot-prop | 0, 0, 0 |
| Debian:14 | node-dot-prop | 0, 0, 0 |
Timeline
- Feb 4, 2020 CVE Published
- Apr 28, 2026 CVE Updated