Vulnerabilities > DOT Project

DATE CVE VULNERABILITY TITLE RISK
2020-04-06 CVE-2020-7639 Unspecified vulnerability in DOT Project DOT 0.2.0/1.0.1
eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.The function 'set' could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload.
network
low complexity
dot-project
5.3
2020-03-15 CVE-2020-8141 Code Injection vulnerability in DOT Project DOT 1.1.2
The dot package v1.1.2 uses Function() to compile templates.
network
low complexity
dot-project CWE-94
6.5