Libnested Project Libnested vulnerabilities
2 known vulnerabilities affecting libnested_project/libnested.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2022-25352CRITICALCVSS 9.8fixed in 1.5.22022-03-17
CVE-2022-25352 [CRITICAL] CVE-2022-25352: The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in ind
The package libnested before 1.5.2 are vulnerable to Prototype Pollution via the set function in index.js. **Note:** This vulnerability derives from an incomplete fix for [CVE-2020-28283](https://security.snyk.io/vuln/SNYK-JS-LIBNESTED-1054930)
ghsanvdosv
CVE-2020-28283CRITICALCVSS 9.8≥ 0.0.0, ≤ 1.5.0≥ unspecified, < 1.5.22020-12-29
CVE-2020-28283 [CRITICAL] CVE-2020-28283: Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to
Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution.
ghsanvdosv