Vulnerabilities > CVE-2022-21231 - Unspecified vulnerability in Deep-Get-Set Project Deep-Get-Set

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

low complexity

deep-get-set-project

NVD

Published: 2022-06-24

Updated: 2022-07-06

Summary

All versions of package deep-get-set are vulnerable to Prototype Pollution via the 'deep' function. **Note:** This vulnerability derives from an incomplete fix of [CVE-2020-7715](https://security.snyk.io/vuln/SNYK-JS-DEEPGETSET-598666)

Vulnerable Configurations

Part	Description	Count
Application	Deep-Get-Set_Project Deep GET SET Project Deep GET SET *	1

References

https://snyk.io/vuln/SNYK-JS-DEEPGETSET-2342655