Vulnerabilities > Dexie

DATE CVE VULNERABILITY TITLE RISK
2022-05-01 CVE-2022-21189 Unspecified vulnerability in Dexie
The package dexie before 3.2.2, from 4.0.0-alpha.1 and before 4.0.0-alpha.3 are vulnerable to Prototype Pollution in the Dexie.setByKeyPath(obj, keyPath, value) function which does not properly check the keys being set (like __proto__ or constructor).
network
low complexity
dexie
critical
9.8