CVE-2021-23440

Prototype Pollution in set-value

Description

This affects the package set-value. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays.

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

September 13, 2021

Modified Date

January 14, 2025

Score Vector

Affected Versions