sds

npm2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting sdspage 1 of 1

CVE-2020-7618MEDIUMCVSS 5.3EG 5.3✓ Fixed in 4.0.0
2020-04-07
sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'.
CVE-2022-25862MEDIUMCVSS 4.0EG 7.5
2022-05-13
This affects the package sds from 0.0.0. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix…

Check whether sds is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for sds CVEs against the assets you own.

Start Free Scan →