Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-23497 | 1 Set Project | 1 Set | 2022-02-09 | 7.5 HIGH | 9.8 CRITICAL |
This affects the package @strikeentco/set before 1.0.2. It allows an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821 | |||||
CVE-2020-28267 | 1 Set Project | 1 Set | 2020-11-24 | 5.0 MEDIUM | 7.5 HIGH |
Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution. |