Defaults-deep ProjectCVEs & Vulnerabilities
2 CVEs affecting Defaults-deep Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
defaults-deep 2
CVE-2018-16486CRITICAL
A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype.
1 Feb 2019
9.8
CVSS
CVE-2018-3723HIGH
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
7 Jun 2018
8.8
CVSS
← PrevPage 1 / 1Next →