Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2020-7774
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-7774
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7774.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2020-7774
Aliases
GHSA-c4w7-xm78-47vh
Downstream
ALPINE-CVE-2020-7774
DEBIAN-CVE-2020-7774
OESA-2022-1769
RHSA-2020:5305
RHSA-2020:5499
RHSA-2021:0421
RHSA-2021:0521
RHSA-2021:0548
RHSA-2021:0551
SUSE-SU-2021:2319-1
SUSE-SU-2021:2323-1
SUSE-SU-2021:2326-1
SUSE-SU-2021:2327-1
SUSE-SU-2021:2353-1
SUSE-SU-2021:2354-1
SUSE-SU-2021:2618-1
SUSE-SU-2021:2620-1
UBUNTU-CVE-2020-7774
openSUSE-SU-2021:1059-1
openSUSE-SU-2021:1060-1
openSUSE-SU-2021:1061-1
openSUSE-SU-2021:1113-1
openSUSE-SU-2021:2327-1
openSUSE-SU-2021:2353-1
openSUSE-SU-2021:2354-1
openSUSE-SU-2021:2618-1
openSUSE-SU-2024:11096-1
Related
ALSA-2020:5499
ALSA-2021:0548
ALSA-2021:0551
MGASA-2021-0372
RLSA-2020:5499
RLSA-2021:0548
RLSA-2021:0551
SNYK-JAVA-ORGWEBJARSNPM-1038306
SNYK-JS-Y18N-1021887
SUSE-SU-2021:2319-1
SUSE-SU-2021:2323-1
SUSE-SU-2021:2326-1
SUSE-SU-2021:2327-1
SUSE-SU-2021:2353-1
SUSE-SU-2021:2354-1
SUSE-SU-2021:2618-1
SUSE-SU-2021:2620-1
openSUSE-SU-2021:1059-1
openSUSE-SU-2021:1060-1
openSUSE-SU-2021:1061-1
openSUSE-SU-2021:1113-1
openSUSE-SU-2021:2327-1
openSUSE-SU-2021:2353-1
openSUSE-SU-2021:2354-1
openSUSE-SU-2021:2618-1
openSUSE-SU-2024:11096-1
Published
2020-11-17T13:15:12Z
Modified
2025-08-09T19:01:27Z
Severity
9.8 (Critical)
CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS Calculator
Summary
[none]
Details
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
References
https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
https://github.com/yargs/y18n/issues/96
https://github.com/yargs/y18n/pull/108
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
https://snyk.io/vuln/SNYK-JS-Y18N-1021887
https://www.oracle.com/security-alerts/cpuApr2021.html
Affected packages
CVE-2020-7774 - OSV