Defaults-deep Project Defaults-deep — known CVE vulnerabilities
Every CVE whose affected-product data names Defaults-deep Project Defaults-deep, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2018-16486 — CVSS 9.8 (critical): A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto…
CVE-2018-3723 — CVSS 8.8 (high): defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious…