This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: snyk

Published: 2020-10-20T10:25:21.517519Z

Updated: 2024-09-17T02:53:19.004Z

Reserved: 2020-01-21T00:00:00

Link: CVE-2020-7748

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-10-20T11:15:12.583

Modified: 2024-11-21T05:37:43.720

Link: CVE-2020-7748

cve-icon Redhat

No data.