[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2020-7774":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":93,"aliases":115,"duplicate_of":9,"upstream":117,"downstream":118,"duplicates":173,"related":174,"reserved_at":9,"published_at":193,"modified_at":194,"state":195,"summary":196,"references_raw":204,"kevs":250,"epss":251,"epss_history":254,"metrics":513,"affected":531},"CVE-2020-7774","The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1321","Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')","The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.","weakness","Incomplete","Variant",[19,67,89],{"id":20,"name":21,"techniques":22},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[23],{"id":24,"name":25,"tactics":26,"countermeasures":42},"T1574.010","Services File Permissions Weakness",[27,30,33,36,39],{"id":28,"name":29},"TA0110","Persistence",{"id":31,"name":32},"TA0111","Privilege Escalation",{"id":34,"name":35},"TA0030","Defense Evasion",{"id":37,"name":38},"TA0005","Stealth",{"id":40,"name":41},"TA0104","Execution",[43,48,52,57,62],{"id":44,"name":45,"tactic":46},"D3-SWI","Software Inventory",{"name":47},"Model",{"id":49,"name":50,"tactic":51},"D3-AVE","Asset Vulnerability Enumeration",{"name":47},{"id":53,"name":54,"tactic":55},"D3-SBV","Service Binary Verification",{"name":56},"Detect",{"id":58,"name":59,"tactic":60},"D3-SU","Software Update",{"name":61},"Harden",{"id":63,"name":64,"tactic":65},"D3-RS","Restore Software",{"name":66},"Restore",{"id":68,"name":69,"techniques":70},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[71],{"id":24,"name":25,"tactics":72,"countermeasures":78},[73,74,75,76,77],{"id":28,"name":29},{"id":31,"name":32},{"id":34,"name":35},{"id":37,"name":38},{"id":40,"name":41},[79,81,83,85,87],{"id":44,"name":45,"tactic":80},{"name":47},{"id":49,"name":50,"tactic":82},{"name":47},{"id":53,"name":54,"tactic":84},{"name":56},{"id":58,"name":59,"tactic":86},{"name":61},{"id":63,"name":64,"tactic":88},{"name":66},{"id":90,"name":91,"techniques":92},"CAPEC-77","Manipulating User-Controlled Variables",[],[94,103,111],{"_key":95,"name":96,"source":97,"url":98,"maturity":99,"reliability_score":100,"verified":101,"type":9,"platforms":102,"requires_auth":9,"exploitdb":9,"metasploit":9},"GITHUB_YARGS_Y18N","Y18N","github","https://github.com/yargs/y18n/issues/96","poc",0.3,false,[],{"_key":104,"name":105,"source":106,"url":107,"maturity":108,"reliability_score":109,"verified":101,"type":9,"platforms":110,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_EA1AD88201AF7C0B","Exploit Reference (snyk.io)","reference","https://snyk.io/vuln/SNYK-JS-Y18N-1021887","unknown",0.2,[],{"_key":112,"name":105,"source":106,"url":113,"maturity":108,"reliability_score":109,"verified":101,"type":9,"platforms":114,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_09EACA917B0E89B8","https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1038306",[],[116],"GHSA-c4w7-xm78-47vh",[],[119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163,165,167,169,171],{"_key":120},"ALPINE-CVE-2020-7774",{"_key":122},"UBUNTU-CVE-2020-7774",{"_key":124},"SUSE-SU-2021:2319-1",{"_key":126},"SUSE-SU-2021:2323-1",{"_key":128},"SUSE-SU-2021:2326-1",{"_key":130},"SUSE-SU-2021:2327-1",{"_key":132},"SUSE-SU-2021:2353-1",{"_key":134},"SUSE-SU-2021:2354-1",{"_key":136},"SUSE-SU-2021:2618-1",{"_key":138},"SUSE-SU-2021:2620-1",{"_key":140},"OPENSUSE-SU-2021:1059-1",{"_key":142},"OPENSUSE-SU-2021:1060-1",{"_key":144},"OPENSUSE-SU-2021:1061-1",{"_key":146},"OPENSUSE-SU-2021:1113-1",{"_key":148},"OPENSUSE-SU-2021:2327-1",{"_key":150},"OPENSUSE-SU-2021:2353-1",{"_key":152},"OPENSUSE-SU-2021:2354-1",{"_key":154},"OPENSUSE-SU-2021:2618-1",{"_key":156},"OPENSUSE-SU-2024:11096-1",{"_key":158},"MGASA-2021-0372",{"_key":160},"DEBIAN-CVE-2020-7774",{"_key":162},"RHSA-2020:5305",{"_key":164},"RHSA-2020:5499",{"_key":166},"RHSA-2021:0421",{"_key":168},"RHSA-2021:0521",{"_key":170},"RHSA-2021:0548",{"_key":172},"RHSA-2021:0551",[],[175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192],{"_key":124},{"_key":126},{"_key":128},{"_key":130},{"_key":132},{"_key":134},{"_key":136},{"_key":138},{"_key":140},{"_key":142},{"_key":144},{"_key":146},{"_key":148},{"_key":150},{"_key":152},{"_key":154},{"_key":156},{"_key":158},"2020-11-17T12:30:20.482Z","2024-09-16T20:13:29.664Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":197,"epss_score":198,"severity":199,"severity_score":200,"severity_version":201,"severity_source":202,"severity_vector":203,"severity_status":195},"low",0.00469,"critical",9.8,"v3.1","nvd","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[205,213,216,221,224,228,232,237,241,245],{"url":107,"sources":206,"tags":209},[207,202,208],"cve.org","osv_npm",[210,211,212],"Exploit","Third Party Advisory","WEB",{"url":113,"sources":214,"tags":215},[207,202,208],[210,211,212],{"url":217,"sources":218,"tags":219},"https://github.com/yargs/y18n/pull/108",[207,202,208],[220,211,212],"Patch",{"url":98,"sources":222,"tags":223},[207,202,208],[210,211,212],{"url":225,"sources":226,"tags":227},"https://www.oracle.com/security-alerts/cpuApr2021.html",[207,202,208],[220,211,212],{"url":229,"sources":230,"tags":231},"https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf",[207,202,208],[220,211,212],{"url":233,"sources":234,"tags":235},"https://nvd.nist.gov/vuln/detail/CVE-2020-7774",[208],[236],"Advisory",{"url":238,"sources":239,"tags":240},"https://github.com/yargs/y18n/commit/90401eea9062ad498f4f792e3fff8008c4c193a3",[208],[212],{"url":242,"sources":243,"tags":244},"https://github.com/yargs/y18n/commit/a9ac604abf756dec9687be3843e2c93bfe581f25",[208],[212],{"url":246,"sources":247,"tags":248},"https://github.com/yargs/y18n",[208],[249],"PACKAGE",[],{"date":252,"score":198,"percentile":253},"2026-06-04",0.64893,[255,259,262,265,268,270,273,276,279,282,285,288,291,293,295,299,302,305,308,311,314,317,320,323,325,328,331,334,337,340,343,346,349,351,353,355,358,361,364,367,370,372,375,378,381,384,387,390,393,395,398,401,404,407,410,413,416,420,423,426,429,432,435,438,440,443,446,449,451,453,456,459,462,465,468,471,474,477,479,482,484,487,490,492,495,498,501,504,507,510],{"date":256,"score":257,"percentile":258},"2025-11-04",0.0086,0.74281,{"date":260,"score":257,"percentile":261},"2025-11-05",0.74267,{"date":263,"score":257,"percentile":264},"2025-11-06",0.74266,{"date":266,"score":257,"percentile":267},"2025-11-07",0.74283,{"date":269,"score":257,"percentile":258},"2025-11-08",{"date":271,"score":257,"percentile":272},"2025-11-09",0.74277,{"date":274,"score":257,"percentile":275},"2025-11-10",0.74263,{"date":277,"score":257,"percentile":278},"2025-11-11",0.74265,{"date":280,"score":257,"percentile":281},"2025-11-12",0.74285,{"date":283,"score":257,"percentile":284},"2025-11-13",0.74292,{"date":286,"score":257,"percentile":287},"2025-11-14",0.74296,{"date":289,"score":257,"percentile":290},"2025-11-15",0.74293,{"date":292,"score":257,"percentile":284},"2025-11-16",{"date":294,"score":257,"percentile":281},"2025-11-17",{"date":296,"score":297,"percentile":298},"2025-11-18",0.05388,0.89133,{"date":300,"score":297,"percentile":301},"2025-11-19",0.89137,{"date":303,"score":297,"percentile":304},"2025-11-20",0.89139,{"date":306,"score":257,"percentile":307},"2025-11-21",0.74307,{"date":309,"score":257,"percentile":310},"2025-11-22",0.743,{"date":312,"score":257,"percentile":313},"2025-11-23",0.74286,{"date":315,"score":257,"percentile":316},"2025-11-24",0.74282,{"date":318,"score":257,"percentile":319},"2025-11-25",0.74284,{"date":321,"score":257,"percentile":322},"2025-11-26",0.74289,{"date":324,"score":257,"percentile":284},"2025-11-27",{"date":326,"score":257,"percentile":327},"2025-11-28",0.7428,{"date":329,"score":257,"percentile":330},"2025-11-29",0.74278,{"date":332,"score":257,"percentile":333},"2025-11-30",0.74276,{"date":335,"score":257,"percentile":336},"2025-12-01",0.74409,{"date":338,"score":257,"percentile":339},"2025-12-02",0.74415,{"date":341,"score":257,"percentile":342},"2025-12-03",0.74405,{"date":344,"score":257,"percentile":345},"2025-12-04",0.74271,{"date":347,"score":257,"percentile":348},"2025-12-05",0.74279,{"date":350,"score":257,"percentile":267},"2025-12-06",{"date":352,"score":257,"percentile":327},"2025-12-07",{"date":354,"score":257,"percentile":319},"2025-12-08",{"date":356,"score":257,"percentile":357},"2025-12-09",0.74312,{"date":359,"score":257,"percentile":360},"2025-12-10",0.74343,{"date":362,"score":257,"percentile":363},"2025-12-11",0.74357,{"date":365,"score":257,"percentile":366},"2025-12-12",0.74381,{"date":368,"score":257,"percentile":369},"2025-12-13",0.74387,{"date":371,"score":257,"percentile":369},"2025-12-14",{"date":373,"score":257,"percentile":374},"2025-12-15",0.74391,{"date":376,"score":257,"percentile":377},"2025-12-16",0.74401,{"date":379,"score":257,"percentile":380},"2025-12-17",0.74412,{"date":382,"score":257,"percentile":383},"2025-12-18",0.74434,{"date":385,"score":257,"percentile":386},"2025-12-19",0.7445,{"date":388,"score":257,"percentile":389},"2025-12-20",0.74448,{"date":391,"score":257,"percentile":392},"2025-12-21",0.74441,{"date":394,"score":257,"percentile":392},"2025-12-22",{"date":396,"score":257,"percentile":397},"2025-12-23",0.74435,{"date":399,"score":257,"percentile":400},"2025-12-24",0.74446,{"date":402,"score":257,"percentile":403},"2025-12-25",0.74475,{"date":405,"score":257,"percentile":406},"2025-12-26",0.7447,{"date":408,"score":257,"percentile":409},"2025-12-27",0.74518,{"date":411,"score":257,"percentile":412},"2025-12-28",0.74451,{"date":414,"score":257,"percentile":415},"2025-12-29",0.74447,{"date":417,"score":418,"percentile":419},"2025-12-30",0.00637,0.6983,{"date":421,"score":418,"percentile":422},"2025-12-31",0.6985,{"date":424,"score":418,"percentile":425},"2026-01-01",0.7001,{"date":427,"score":418,"percentile":428},"2026-01-02",0.70003,{"date":430,"score":418,"percentile":431},"2026-01-03",0.70002,{"date":433,"score":418,"percentile":434},"2026-01-04",0.69849,{"date":436,"score":418,"percentile":437},"2026-01-05",0.6984,{"date":439,"score":418,"percentile":422},"2026-01-06",{"date":441,"score":418,"percentile":442},"2026-01-07",0.69864,{"date":444,"score":418,"percentile":445},"2026-01-08",0.69879,{"date":447,"score":418,"percentile":448},"2026-01-09",0.69884,{"date":450,"score":418,"percentile":448},"2026-01-10",{"date":452,"score":418,"percentile":445},"2026-01-11",{"date":454,"score":418,"percentile":455},"2026-01-12",0.69874,{"date":457,"score":418,"percentile":458},"2026-01-13",0.6987,{"date":460,"score":418,"percentile":461},"2026-01-14",0.699,{"date":463,"score":418,"percentile":464},"2026-01-15",0.69906,{"date":466,"score":418,"percentile":467},"2026-01-16",0.69924,{"date":469,"score":418,"percentile":470},"2026-01-17",0.69917,{"date":472,"score":418,"percentile":473},"2026-01-18",0.69898,{"date":475,"score":418,"percentile":476},"2026-01-19",0.69891,{"date":478,"score":418,"percentile":461},"2026-01-20",{"date":480,"score":418,"percentile":481},"2026-01-21",0.69905,{"date":483,"score":418,"percentile":470},"2026-01-22",{"date":485,"score":418,"percentile":486},"2026-01-23",0.69949,{"date":488,"score":418,"percentile":489},"2026-01-24",0.69952,{"date":491,"score":418,"percentile":467},"2026-01-25",{"date":493,"score":418,"percentile":494},"2026-01-26",0.6992,{"date":496,"score":418,"percentile":497},"2026-01-27",0.69922,{"date":499,"score":418,"percentile":500},"2026-01-28",0.69936,{"date":502,"score":418,"percentile":503},"2026-01-29",0.69934,{"date":505,"score":418,"percentile":506},"2026-01-30",0.69941,{"date":508,"score":418,"percentile":509},"2026-01-31",0.69946,{"date":511,"score":418,"percentile":512},"2026-02-01",0.70081,[514,521,528],{"source":207,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":515,"cvss_v4_0":9},{"baseScore":516,"baseSeverity":517,"vectorString":518,"impactScore":519,"exploitabilityScore":520},7.3,"HIGH","CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P",5.7,10,{"source":202,"cvss_v2_0":522,"cvss_v3_0":9,"cvss_v3_1":526,"cvss_v4_0":9},{"baseScore":523,"baseSeverity":9,"vectorString":524,"impactScore":525,"exploitabilityScore":520},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,{"baseScore":200,"baseSeverity":527,"vectorString":203,"impactScore":200,"exploitabilityScore":520},"CRITICAL",{"source":208,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":529,"cvss_v4_0":9},{"baseScore":516,"baseSeverity":9,"vectorString":530,"impactScore":519,"exploitabilityScore":520},"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",[532,552,564,572],{"ecosystem":533,"name":534,"vendor":533,"product":534,"cpe_part":9,"purl_type":535,"purl_namespace":9,"purl_name":534,"source":9,"versions":536},"Npm","y18n","npm",[537,543,548],{"version":538,"is_range":539,"range_type":540,"version_start":9,"version_start_type":9,"version_end":541,"version_end_type":542,"fixed_in":9},"lt3_2_2",true,"semver","3.2.2","excluding",{"version":544,"is_range":539,"range_type":540,"version_start":545,"version_start_type":546,"version_end":547,"version_end_type":542,"fixed_in":9},"gte4_0_0_lt4_0_1","4.0.0","including","4.0.1",{"version":549,"is_range":539,"range_type":540,"version_start":550,"version_start_type":546,"version_end":551,"version_end_type":542,"fixed_in":9},"gte5_0_0_lt5_0_5","5.0.0","5.0.5",{"ecosystem":9,"name":553,"vendor":554,"product":553,"cpe_part":555,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":556},"graalvm","oracle","a",[557,560,562],{"version":558,"is_range":101,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"19.3.5","cpe",{"version":561,"is_range":101,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"20.3.1.2",{"version":563,"is_range":101,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"21.0.0.2",{"ecosystem":9,"name":565,"vendor":566,"product":567,"cpe_part":555,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":568},"sinec infrastructure network services","siemens","sinec_infrastructure_network_services",[569],{"version":570,"is_range":539,"range_type":559,"version_start":9,"version_start_type":9,"version_end":571,"version_end_type":542,"fixed_in":9},"lt1.0.1.1","1.0.1.1",{"ecosystem":9,"name":534,"vendor":573,"product":534,"cpe_part":555,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":574},"y18n_project",[575,577,579],{"version":576,"is_range":539,"range_type":559,"version_start":9,"version_start_type":9,"version_end":541,"version_end_type":542,"fixed_in":9},"lt3.2.2",{"version":578,"is_range":539,"range_type":559,"version_start":550,"version_start_type":546,"version_end":551,"version_end_type":542,"fixed_in":9},"gte5.0.0_lt5.0.5",{"version":545,"is_range":101,"range_type":559,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9}]