Vulnerabilities > CVE-2021-40663 - Unspecified vulnerability in Deep.Assign Project Deep.Assign 0.0.0
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution').
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
References
- https://github.com/janbialostok/deep-assign/issues/1
- https://github.com/janbialostok/deep-assign/issues/1
- https://security.netapp.com/advisory/ntap-20220826-0002/
- https://security.netapp.com/advisory/ntap-20220826-0002/
- https://www.npmjs.com/package/deep.assign
- https://www.npmjs.com/package/deep.assign