VulnerableCode Package Details - pkg:deb/debian/node-set-value@0.4.0-2?distro=trixie

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/node-set-value@0.4.0-2?distro=trixie

purl	pkg:deb/debian/node-set-value@0.4.0-2?distro=trixie

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-cu35-t78a-wfcj	Prototype Pollution in set-value Versions of `set-value` prior to 3.0.1 or 2.0.1 are vulnerable to Prototype Pollution. The `set` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects. ## Recommendation If you are using `set-value` 3.x, upgrade to version 3.0.1 or later. If you are using `set-value` 2.x, upgrade to version 2.0.1 or later.	CVE-2019-10747 GHSA-4g88-fppr-53pp

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-05-01T23:41:09.984181+00:00	Debian Importer	Fixing	VCID-cu35-t78a-wfcj	https://security-tracker.debian.org/tracker/data/json	38.6.0
2026-04-16T09:29:12.938348+00:00	Debian Importer	Fixing	VCID-cu35-t78a-wfcj	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-11T18:19:35.245686+00:00	Debian Importer	Fixing	VCID-cu35-t78a-wfcj	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:47:15.415970+00:00	Debian Importer	Fixing	VCID-cu35-t78a-wfcj	https://security-tracker.debian.org/tracker/data/json	38.1.0