koffee

1 exploit Active since May 2022
CVE-2022-25862 WRITEUP MEDIUM WORKING POC
sds - Prototype Pollution via set Function
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123)
CVSS 4.0