Vulnerabilities > Mozilla > Convict

DATE CVE VULNERABILITY TITLE RISK
2022-05-13 CVE-2022-21190 Unspecified vulnerability in Mozilla Convict
This affects the package convict before 6.2.3.
network
low complexity
mozilla
critical
 9.8
9.8
2022-05-01 CVE-2022-22143 Unspecified vulnerability in Mozilla Convict
The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey.
network
low complexity
mozilla
critical
 9.8
9.8