Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/set-value@2.0.1
purl pkg:npm/set-value@2.0.1
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-cu35-t78a-wfcj Prototype Pollution in set-value Versions of `set-value` prior to 3.0.1 or 2.0.1 are vulnerable to Prototype Pollution. The `set` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects. ## Recommendation If you are using `set-value` 3.x, upgrade to version 3.0.1 or later. If you are using `set-value` 2.x, upgrade to version 2.0.1 or later. CVE-2019-10747
GHSA-4g88-fppr-53pp
VCID-eq42-z92a-ffet Access of Resource Using Incompatible Type (Type Confusion) This affects the package set-value A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arrays. CVE-2021-23440
GHSA-4jqc-8m5r-9rpr

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T21:30:59.749167+00:00 GitLab Importer Fixing VCID-eq42-z92a-ffet https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2021-23440.yml 38.4.0
2026-04-16T20:56:55.513571+00:00 GitLab Importer Fixing VCID-cu35-t78a-wfcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2019-10747.yml 38.4.0
2026-04-11T22:44:07.766115+00:00 GitLab Importer Fixing VCID-eq42-z92a-ffet https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2021-23440.yml 38.3.0
2026-04-11T22:07:56.974057+00:00 GitLab Importer Fixing VCID-cu35-t78a-wfcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2019-10747.yml 38.3.0
2026-04-02T22:54:11.262485+00:00 GitLab Importer Fixing VCID-eq42-z92a-ffet https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2021-23440.yml 38.1.0
2026-04-02T22:20:41.793198+00:00 GitLab Importer Fixing VCID-cu35-t78a-wfcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2019-10747.yml 38.1.0
2026-04-02T16:58:12.425841+00:00 GHSA Importer Fixing VCID-eq42-z92a-ffet https://github.com/advisories/GHSA-4jqc-8m5r-9rpr 38.1.0
2026-04-01T16:38:27.992781+00:00 GitLab Importer Fixing VCID-cu35-t78a-wfcj https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2019-10747.yml 38.0.0
2026-04-01T15:57:39.652159+00:00 GHSA Importer Fixing VCID-cu35-t78a-wfcj https://github.com/advisories/GHSA-4g88-fppr-53pp 38.0.0
2026-04-01T13:04:27.149291+00:00 GithubOSV Importer Fixing VCID-cu35-t78a-wfcj https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-4g88-fppr-53pp/GHSA-4g88-fppr-53pp.json 38.0.0
2026-04-01T13:00:58.788442+00:00 GithubOSV Importer Fixing VCID-eq42-z92a-ffet https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/09/GHSA-4jqc-8m5r-9rpr/GHSA-4jqc-8m5r-9rpr.json 38.0.0
2026-04-01T12:48:50.755558+00:00 GitLab Importer Fixing VCID-eq42-z92a-ffet https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/set-value/CVE-2021-23440.yml 38.0.0