Vulnerabilities > Cached Path Relative Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-01-21	CVE-2021-23518	The package cached-path-relative before 1.1.0 are vulnerable to Prototype Pollution via the cache variable that is set as {} instead of Object.create(null) in the cachedPathRelative function, which allows access to the parent prototype properties when the object is used to create the cached relative path. network low complexity cached-path-relative-project debian critical	9.8
2018-11-06	CVE-2018-16472	Improper Input Validation vulnerability in multiple products A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack. network low complexity cached-path-relative-project debian CWE-20	7.5

Vulnerabilities > Cached Path Relative Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cached Path Relative Project"}]}