Vulnerability Details CVE-2020-7644
fun-map through 3.3.1 is vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.3%
CVSS Severity
CVSS v3 Score 8.1
CVSS v2 Score 6.8
Products affected by CVE-2020-7644
-
cpe:2.3:a:fun-map_project:fun-map:1.0.0
-
cpe:2.3:a:fun-map_project:fun-map:2.0.0
-
cpe:2.3:a:fun-map_project:fun-map:2.0.1
-
cpe:2.3:a:fun-map_project:fun-map:3.0.0
-
cpe:2.3:a:fun-map_project:fun-map:3.0.1
-
cpe:2.3:a:fun-map_project:fun-map:3.1.0
-
cpe:2.3:a:fun-map_project:fun-map:3.1.1
-
cpe:2.3:a:fun-map_project:fun-map:3.2.0
-
cpe:2.3:a:fun-map_project:fun-map:3.2.1
-
cpe:2.3:a:fun-map_project:fun-map:3.3.0
-
cpe:2.3:a:fun-map_project:fun-map:3.3.1