Vulnerability Database
Blog
FAQ
Docs
GHSA-6m85-wvcr-pgw3
Source
https://github.com/advisories/GHSA-6m85-wvcr-pgw3
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-6m85-wvcr-pgw3/GHSA-6m85-wvcr-pgw3.json
Aliases
CVE-2020-7737
Published
2022-02-10T20:33:49Z
Modified
2023-11-08T04:04:07.642124Z
Details
All versions of package safetydance are vulnerable to Prototype Pollution via the set function.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7737
https://github.com/gramakri/safetydance
https://snyk.io/vuln/SNYK-JS-SAFETYDANCE-598687
https://www.npmjs.com/package/safetydance
Affected packages
npm
/
safetydance
Package
Name
safetydance
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Last affected
1.1.1
GHSA-6m85-wvcr-pgw3 - OSV