Vulnerability Details CVE-2020-28479
The package jointjs before 3.3.0 are vulnerable to Denial of Service (DoS) via the unsetByPath function.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.3%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 5.0
References
- https://github.com/clientIO/joint/releases/tag/v3.3.0
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1062040
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1062039
- https://snyk.io/vuln/SNYK-JS-JOINTJS-1062038
- https://github.com/clientIO/joint/releases/tag/v3.3.0
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1062040
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1062039
- https://snyk.io/vuln/SNYK-JS-JOINTJS-1062038