CVE-2020-7618: Improper Input Validation

April 7, 2020 (updated July 21, 2021)

sds is vulnerable to Prototype Pollution. The library could be tricked into adding or modifying properties of the Object.prototype by abusing the set function located in js/set.js.

References

nvd.nist.gov/vuln/detail/CVE-2020-7618

Detect and mitigate CVE-2020-7618 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →