CVE-2020-7720
ADVISORY - githubSummary
The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: version 0.10.0 is a breaking change removing the vulnerable functions.
EPSS Score: 0.00209 (0.592)
Common Weakness Enumeration (CWE)
ADVISORY - nist
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
ADVISORY - github
ADVISORY - gitlab
ADVISORY - gitlab
ADVISORY - redhat
Uncontrolled Resource Consumption
Sign in to Docker Scout
See which of your images are affected by this CVE and how to fix them by signing into Docker Scout.
Sign in