CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-23328

This affects all versions of package iniparserjs. This vulnerability relates when ini_parser.js is concentrating arrays. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.1%

CVSS Severity

CVSS v3 Score 5.6

CVSS v2 Score 6.8

References

https://snyk.io/vuln/SNYK-JS-INIPARSERJS-1065989
https://www.npmjs.com/package/iniparserjs
https://snyk.io/vuln/SNYK-JS-INIPARSERJS-1065989
https://www.npmjs.com/package/iniparserjs

Products affected by CVE-2021-23328

Iniparserjs Project » Iniparserjs » Version: N/A

cpe:2.3:a:iniparserjs_project:iniparserjs:-
Iniparserjs Project » Iniparserjs » Version: 1.0.1

cpe:2.3:a:iniparserjs_project:iniparserjs:1.0.1
Iniparserjs Project » Iniparserjs » Version: 1.0.2

cpe:2.3:a:iniparserjs_project:iniparserjs:1.0.2
Iniparserjs Project » Iniparserjs » Version: 1.0.3

cpe:2.3:a:iniparserjs_project:iniparserjs:1.0.3
Iniparserjs Project » Iniparserjs » Version: 1.0.4

cpe:2.3:a:iniparserjs_project:iniparserjs:1.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-23328

Products

Pricing

Contact Us