Vulnerability Database
Blog
FAQ
Docs
GHSA-h3rx-g5c9-8q4x
Source
https://github.com/advisories/GHSA-h3rx-g5c9-8q4x
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-h3rx-g5c9-8q4x/GHSA-h3rx-g5c9-8q4x.json
Aliases
CVE-2020-7736
SNYK-JS-BMOOR-598664
Published
2021-05-10T18:37:26Z
Modified
2023-11-08T04:04:07.581119Z
Details
The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-7736
https://github.com/b-heilman/bmoor/commit/7d4a086a1dc3ef11ed0b323824d02348734b7da5
https://github.com/b-heilman/bmoor
https://snyk.io/vuln/SNYK-JS-BMOOR-598664
https://www.npmjs.com/package/bmoor
Affected packages
npm
/
bmoor
Package
Name
bmoor
Affected ranges
Type
SEMVER
Events
Introduced
0
The exact introduced commit is unknown
Fixed
0.8.12
GHSA-h3rx-g5c9-8q4x - OSV