Vulnerabilities > CVE-2020-7641 - Unspecified vulnerability in Grunt-Util-Property Project Grunt-Util-Property 0.0.1/0.0.2

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
grunt-util-property-project

Summary

This affects all versions of package grunt-util-property. The function call could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.