Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23624 | 1 Dotty Project | 1 Dotty | 2021-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package dotty before 0.1.2. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays. | |||||
| CVE-2021-25912 | 1 Dotty Project | 1 Dotty | 2021-02-05 | 7.5 HIGH | 9.8 CRITICAL |
| Prototype pollution vulnerability in 'dotty' versions 0.0.1 through 0.1.0 allows attackers to cause a denial of service and may lead to remote code execution. | |||||