This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: snyk
Published: 2020-10-20T10:25:21.517519Z
Updated: 2024-09-17T02:53:19.004Z
Reserved: 2020-01-21T00:00:00
Link: CVE-2020-7748
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-10-20T11:15:12.583
Modified: 2024-11-21T05:37:43.720
Link: CVE-2020-7748
Redhat
No data.