Severity: high

    Prototype Pollution

    set-or-get

    Overview

    Prototype pollution vulnerability in set-or-get version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution.

    Remediation

    Upgrade to version 1.2.11 or later

    Have content suggestions? Visit npmjs.com/support.

    Advisory timeline

    1. published

      Advisory Published
      Apr 12th, 2021
    2. reported

      Reported by Anonymous
      Apr 12th, 2021