CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-7641

This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 14.9%

CVSS Severity

CVSS v3 Score 4.0

References

https://github.com/mikaelkaron/grunt-util-property/blob/master/main.js%23L41
https://security.snyk.io/vuln/SNYK-JS-GRUNTUTILPROPERTY-565088
https://github.com/mikaelkaron/grunt-util-property/blob/master/main.js%23L41
https://security.snyk.io/vuln/SNYK-JS-GRUNTUTILPROPERTY-565088

Products affected by CVE-2020-7641

Grunt-Util-Property Project » Grunt-Util-Property » Version: 0.0.1

cpe:2.3:a:grunt-util-property_project:grunt-util-property:0.0.1
Grunt-Util-Property Project » Grunt-Util-Property » Version: 0.0.2

cpe:2.3:a:grunt-util-property_project:grunt-util-property:0.0.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-7641

Products

Pricing

Contact Us