Vulnerability Database
289,599
Total vulnerabilities in the database
CVE-2020-7774
The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.
| Software | From | Fixed in |
|---|---|---|
| y18n_project / y18n | 5.0.0 | 5.0.5 |
| y18n_project / y18n | - | 3.2.2 |
| y18n_project / y18n | 4.0.0 | 4.0.0.x |
| oracle / graalvm | 20.3.1.2 | 20.3.1.2.x |
| oracle / graalvm | 21.0.0.2 | 21.0.0.2.x |
| oracle / graalvm | 19.3.5 | 19.3.5.x |
| siemens / sinec_infrastructure_network_services | - | 1.0.1.1 |
y18n
|
- | 3.2.2 |
|
y18n
|
4.0.0 | 4.0.0.x |
|
y18n
|
4.0.0 | 4.0.1 |
|
y18n
|
5.0.0 | 5.0.5 |
- https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
- https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3
- https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25
- https://github.com/yargs/y18n/issues/96
- https://github.com/yargs/y18n/pull/108
- https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306
- https://snyk.io/vuln/SNYK-JS-Y18N-1021887
- https://www.oracle.com/security-alerts/cpuApr2021.html