Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:npm/madlib-object-utils@0.1.8
Typenpm
Namespace
Namemadlib-object-utils
Version0.1.8
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version0.1.8
Latest_non_vulnerable_version0.1.8
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-wee4-6gew-nbdd
vulnerability_id VCID-wee4-6gew-nbdd
summary 
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
The package madlib-object-utils before 0.1.8 is vulnerable to Prototype Pollution via the setValue method, as it allows an attacker to merge object prototypes into it. Note, This vulnerability derives from an incomplete fix of CVE-2020-7701
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24279
reference_id
reference_type
scores
0
value 0.00523
scoring_system epss
scoring_elements 0.67207
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24279
1
reference_url https://github.com/Qwerios/madlib-object-utils/commit/8d5d54c11c8fb9a7980a99778329acd13e3ef98f
reference_id
reference_type
scores
url https://github.com/Qwerios/madlib-object-utils/commit/8d5d54c11c8fb9a7980a99778329acd13e3ef98f
2
reference_url https://snyk.io/vuln/SNYK-JS-MADLIBOBJECTUTILS-2388572
reference_id
reference_type
scores
url https://snyk.io/vuln/SNYK-JS-MADLIBOBJECTUTILS-2388572
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24279
reference_id CVE-2022-24279
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2022-24279
4
reference_url https://github.com/advisories/GHSA-pfv6-prqm-85q8
reference_id GHSA-pfv6-prqm-85q8
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-pfv6-prqm-85q8
fixed_packages
0
url pkg:npm/madlib-object-utils@0.1.8
purl pkg:npm/madlib-object-utils@0.1.8
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:npm/madlib-object-utils@0.1.8
aliases CVE-2022-24279, GHSA-pfv6-prqm-85q8
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wee4-6gew-nbdd
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:npm/madlib-object-utils@0.1.8