Vulnerabilities > Mozilla > Convict > 1.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-05-13 | CVE-2022-21190 | Unspecified vulnerability in Mozilla Convict This affects the package convict before 6.2.3. | 7.5 |
| 2022-05-01 | CVE-2022-22143 | Unspecified vulnerability in Mozilla Convict The package convict before 6.2.2 are vulnerable to Prototype Pollution via the convict function due to missing validation of parentKey. | 7.5 |