CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7638

confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDeepProperty' function could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.6%

CVSS Severity

CVSS v3 Score 5.3

CVSS v2 Score 5.0

References

https://github.com/davideicardi/confinit/commit/a34e06ca5c1c8b047ef112ef188b2fe30d2a1eab
https://snyk.io/vuln/SNYK-JS-CONFINIT-564433
https://github.com/davideicardi/confinit/commit/a34e06ca5c1c8b047ef112ef188b2fe30d2a1eab
https://snyk.io/vuln/SNYK-JS-CONFINIT-564433

Products affected by CVE-2020-7638

Confinit Project » Confinit » Version: 0.1.0

cpe:2.3:a:confinit_project:confinit:0.1.0
Confinit Project » Confinit » Version: 0.2.0

cpe:2.3:a:confinit_project:confinit:0.2.0
Confinit Project » Confinit » Version: 0.3.0

cpe:2.3:a:confinit_project:confinit:0.3.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7638

Products

Pricing

Contact Us