CVE-2021-23807

Critical

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution…

snyk·CWE-843·Published 2021-11-03

CVSS

9.8

EPSS

0.03

KEV

Exploits

cve.orgen

180 chars

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.

NVDen

180 chars

This affects the package jsonpointer before 5.0.0. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.

This affects the package `jsonpointer` before `5.0.0`. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.

GHSAen

184 chars

This affects the package `jsonpointer` before `5.0.0`. A type confusion vulnerability can lead to a bypass of a previous Prototype Pollution fix when the pointer components are arrays.

NVDes

244 chars

Esto afecta al paquete jsonpointer versiones anteriores a 5.0.0. Una vulnerabilidad de confusión de tipo puede conllevar a una omisión de una corrección anterior de Contaminación de Prototipos cuando los componentes de los punteros son matrices

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	5.6	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3.1	Primary	cve.org	5.6	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:O/RC:C
3.1	Secondary	NVD	5.6	2.2	3.4	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
3.1	Secondary	GHSA	5.6	—	—	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L