CVE-2020-7706

Critical

The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie.

snyk·CWE-1321·Published 2020-08-18

CVSS

9.8

EPSS

0.03

KEV

Exploits

cve.orgen

128 chars

The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie.

NVDen

128 chars

The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie.

GHSAen

128 chars

The package connie-lang before 0.1.1 are vulnerable to Prototype Pollution in the configuration language library used by connie.

NVDes

159 chars

El paquete connie-lang versiones anteriores a 0.1.1, es vulnerable a Contaminación de Prototipo en la biblioteca de lenguaje de configuración usada por connie.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
3.1	Primary	cve.org	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	GHSA	9.8	—	—	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H