CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3723

defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 62.8%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 6.5

References

Products affected by CVE-2018-3723

Defaults-Deep Project » Defaults-Deep » Version: 0.1.0

cpe:2.3:a:defaults-deep_project:defaults-deep:0.1.0
Defaults-Deep Project » Defaults-Deep » Version: 0.1.1

cpe:2.3:a:defaults-deep_project:defaults-deep:0.1.1
Defaults-Deep Project » Defaults-Deep » Version: 0.1.2

cpe:2.3:a:defaults-deep_project:defaults-deep:0.1.2
Defaults-Deep Project » Defaults-Deep » Version: 0.2.0

cpe:2.3:a:defaults-deep_project:defaults-deep:0.2.0
Defaults-Deep Project » Defaults-Deep » Version: 0.2.1

cpe:2.3:a:defaults-deep_project:defaults-deep:0.2.1
Defaults-Deep Project » Defaults-Deep » Version: 0.2.2

cpe:2.3:a:defaults-deep_project:defaults-deep:0.2.2
Defaults-Deep Project » Defaults-Deep » Version: 0.2.3

cpe:2.3:a:defaults-deep_project:defaults-deep:0.2.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-3723

Products

Pricing

Contact Us