Vulnerabilities > CVE-2021-23442 - Unspecified vulnerability in Cookiex-Deep Project Cookiex-Deep
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
This affects all versions of package @cookiex/deep. The global proto object can be polluted using the __proto__ object.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
References
- https://github.com/tony-tsx/cookiex-deep/commit/b5bea2b7f34a5fa9abb4446cbd038ecdbcd09c88
- https://github.com/tony-tsx/cookiex-deep/commit/b5bea2b7f34a5fa9abb4446cbd038ecdbcd09c88
- https://github.com/tony-tsx/cookiex-deep/issues/1
- https://github.com/tony-tsx/cookiex-deep/issues/1
- https://snyk.io/vuln/SNYK-JS-COOKIEXDEEP-1582793
- https://snyk.io/vuln/SNYK-JS-COOKIEXDEEP-1582793