GHSA-6m85-wvcr-pgw3

Source

https://github.com/advisories/GHSA-6m85-wvcr-pgw3

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-6m85-wvcr-pgw3/GHSA-6m85-wvcr-pgw3.json

Aliases

• CVE-2020-7737

Published

2022-02-10T20:33:49Z

Modified

2023-11-08T04:04:07.642124Z

Details

All versions of package safetydance are vulnerable to Prototype Pollution via the set function.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-7737
• https://github.com/gramakri/safetydance
• https://snyk.io/vuln/SNYK-JS-SAFETYDANCE-598687
• https://www.npmjs.com/package/safetydance