Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Prototype Pollution
Vulnerability Description
This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
N/A
Vulnerability Title
strikeentco set 安全漏洞
Vulnerability Description
Strikeentco Set是个人开发者的一款可通过set来设置对象中数值的 Npm 代码库。 strikeentco set 1.0.2之前版本存在安全漏洞,该漏洞源于软件代码编写存在问题。它允许攻击者可利用该漏洞导致拒绝服务,并可能导致远程代码执行。
CVSS Information
N/A
Vulnerability Type
N/A