CVE-2021-25944

High

7.5/10

Summary

Prototype pollution vulnerability in 'deep-defaults' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: PARTIAL
Availability Impact: PARTIAL

References

Advisory Timeline

Published May 25, 2021

CVE-2021-25944

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS