VDB

GCVE-110-MAGEIA-2020-230

GCVE-110-MAGEIA-2020-230
Advisory Published
Vulnetix · Advisory published May 27, 2020
Updated nodejs-set-value package fixes security vulnerability: A vulnerability was found in NOdejs set-value, where set-value is vulnerable to prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads (CVE-2019-10747).

Affected Products

VendorProductVersionsPlatforms
Mageiaduplicity0 (affected), 0.8.17-2.mga7 (unaffected)
Mageianodejs-set-value0 (affected), 3.0.2-1.mga7 (unaffected), 0 (affected), 3.0.2-1.mga7 (unaffected)

Browse GCVE Records

73,053 records in the GCVE database · Updated July 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›