0.1.2
12 years ago
3 years ago
Known vulnerabilities in the dotty package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
dotty is a package that can access properties of nested objects using dot-path notation. Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the PoC
How to fix Prototype Pollution? Upgrade | <0.1.2 |