First published: Thu Nov 12 2020
Prototype pollution vulnerability in 'object-hierarchy-access' versions 0.2.0 through 0.32.0 allows an attacker to cause a denial of service and may lead to remote code execution.
Credit: vulnerabilitylab@mend.io
Affected Software | Affected Version | How to fix |
---|---|---|
Mjpclab Object-hierarchy-access | >=0.2.0 <=0.32.0 | |
CVE-2020-28270 is a prototype pollution vulnerability in 'object-hierarchy-access' versions 0.2.0 through 0.32.0.
'object-hierarchy-access' versions 0.2.0 through 0.32.0 are affected by CVE-2020-28270.
CVE-2020-28270 has a severity rating of 9.8 (critical).
An attacker can exploit CVE-2020-28270 to cause a denial of service and potentially execute remote code.
To fix CVE-2020-28270, it is recommended to update 'object-hierarchy-access' to a version higher than 0.32.0.