CVE-2020-7618

sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'.

sds through 3.2.0 is vulnerable to Prototype Pollution.The library could be tricked into adding or modifying properties of the 'Object.prototype' by abusing the 'set' function located in 'js/set.js'.

Affected versions of `sds` are vulnerable to prototype pollution. The `set` function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. ## Recommendation Upgrade to version 4.0.0 or later

Affected versions of `sds` are vulnerable to prototype pollution. The `set` function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. ## Recommendation Upgrade to version 4.0.0 or later

sds versiones hasta 3.2.0, es vulnerable a una Contaminación de Prototipos. La biblioteca podría ser engañada para agregar o modificar propiedades del "Object.prototype" al abusar de la función "set" ubicada en el archivo "js/set.js".