Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
deepHas vulnerable to Prototype Pollution via constructor.prototype
Vulnerability Description
deepHas provides a test for the existence of a nested object key and optionally returns that key. A prototype pollution vulnerability exists in version 1.0.7 of the deephas npm package that allows an attacker to modify global object behavior. This issue was fixed in version 1.0.8.
CVSS Information
N/A
Vulnerability Type
CWE-1321
Vulnerability Title
deepHas 安全漏洞
Vulnerability Description
deepHas是Paul Ryan个人开发者的一个软件库。 deepHas 1.0.7版本存在安全漏洞,该漏洞源于原型污染,可能导致攻击者修改全局对象行为。
CVSS Information
N/A
Vulnerability Type
N/A