Vulnerabilities > CVE-2020-7707 - Unspecified vulnerability in Property-Expr Project Property-Expr
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The package property-expr before 2.0.3 are vulnerable to Prototype Pollution via the setter function.
Vulnerable Configurations
References
- https://github.com/jquense/expr/commit/df846910915d59f711ce63c1f817815bceab5ff7
- https://github.com/jquense/expr/commit/df846910915d59f711ce63c1f817815bceab5ff7
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-598857
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-598857
- https://snyk.io/vuln/SNYK-JS-PROPERTYEXPR-598800
- https://snyk.io/vuln/SNYK-JS-PROPERTYEXPR-598800