Vulnerabilities > CVE-2022-21231 - Unspecified vulnerability in Deep-Get-Set Project Deep-Get-Set

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

deep-get-set-project

critical

NVD

Published: 2022-06-24

Updated: 2024-11-21

Summary

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666)

Vulnerable Configurations

Part	Description	Count
Application	Deep-Get-Set_Project Deep GET SET Project Deep GET SET *	1

References

https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655
https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655