{"dataType":"CVE_RECORD","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2020-28458","assignerOrgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","assignerShortName":"snyk","dateUpdated":"2024-09-16T23:22:14.200Z","dateReserved":"2020-11-12T00:00:00.000Z","datePublished":"2020-12-16T10:35:20.456Z"},"containers":{"cna":{"title":"Prototype Pollution","datePublic":"2020-12-16T00:00:00.000Z","providerMetadata":{"orgId":"bae035ff-b466-4ff4-94d0-fc9efd9e1730","shortName":"snyk","dateUpdated":"2024-06-21T19:07:12.415Z"},"descriptions":[{"lang":"en","value":"All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806."}],"affected":[{"vendor":"n/a","product":"datatables.net","versions":[{"version":"0","status":"affected","lessThan":"unspecified","versionType":"custom"}]}],"references":[{"url":"https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1016402"},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1051961"},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1051962"},{"url":"https://github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js%23L2766"},{"url":"https://github.com/DataTables/DataTablesSrc/commit/a51cbe99fd3d02aa5582f97d4af1615d11a1ea03"},{"url":"https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806"},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/"}],"credits":[{"lang":"en","value":"Alessio Della Libera (d3lla)"}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"NETWORK","availabilityImpact":"LOW","baseScore":7.3,"baseSeverity":"HIGH","confidentialityImpact":"LOW","integrityImpact":"LOW","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L","version":"3.1"}}],"problemTypes":[{"descriptions":[{"type":"text","lang":"en","description":"Prototype Pollution"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-04T16:40:58.714Z"},"title":"CVE Program Container","references":[{"url":"https://snyk.io/vuln/SNYK-JS-DATATABLESNET-1016402","tags":["x_transferred"]},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSBOWER-1051961","tags":["x_transferred"]},{"url":"https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1051962","tags":["x_transferred"]},{"url":"https://github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js%23L2766","tags":["x_transferred"]},{"url":"https://github.com/DataTables/DataTablesSrc/commit/a51cbe99fd3d02aa5582f97d4af1615d11a1ea03","tags":["x_transferred"]},{"url":"https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806","tags":["x_transferred"]},{"url":"https://security.netapp.com/advisory/ntap-20240621-0006/","tags":["x_transferred"]}]}]},"dataVersion":"5.1"}