9.8
CVSSv3

CVE-2021-23450

CVSSv4: NA | CVSSv3: 9.8 | CVSSv2: 7.5 | VMScore: 1000 | EPSS: 0.00574 | KEV: Not Included
Published: 17/12/2021 Updated: 21/11/2024

Vulnerability Summary

All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linuxfoundation dojo

oracle communications policy management 12.6.0.0.0

oracle primavera unifier

oracle primavera unifier 18.8

oracle primavera unifier 19.12

oracle primavera unifier 20.12

oracle primavera unifier 21.12

oracle weblogic server 12.2.1.4.0

oracle weblogic server 14.1.1.0.0

debian debian linux 10.0

Vendor Advisories

Debian Bug report logs - #1014785 dojo: CVE-2021-23450 Package: src:dojo; Maintainer for src:dojo is Debian Javascript Maintainers <pkg-javascript-devel@listsaliothdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Mon, 11 Jul 2022 19:57:04 UTC Severity: grave Tags: security, upstream Reply o ...
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function ...