[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2021-3918":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T02:55:30.529Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":93,"aliases":103,"duplicate_of":9,"upstream":105,"downstream":106,"duplicates":175,"related":176,"reserved_at":9,"published_at":198,"modified_at":199,"state":200,"summary":201,"references_raw":209,"kevs":255,"epss":256,"epss_history":259,"metrics":519,"affected":534},"CVE-2021-3918","json-schema is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":9,"capec":18},"CWE-1321","Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')","The product receives input from an upstream component that specifies attributes that are to be initialized or updated in an object, but it does not properly control modifications of attributes of the object prototype.","weakness","Incomplete","Variant",[19,67,89],{"id":20,"name":21,"techniques":22},"CAPEC-1","Accessing Functionality Not Properly Constrained by ACLs",[23],{"id":24,"name":25,"tactics":26,"countermeasures":42},"T1574.010","Services File Permissions Weakness",[27,30,33,36,39],{"id":28,"name":29},"TA0110","Persistence",{"id":31,"name":32},"TA0111","Privilege Escalation",{"id":34,"name":35},"TA0030","Defense Evasion",{"id":37,"name":38},"TA0005","Stealth",{"id":40,"name":41},"TA0104","Execution",[43,48,52,57,62],{"id":44,"name":45,"tactic":46},"D3-SWI","Software Inventory",{"name":47},"Model",{"id":49,"name":50,"tactic":51},"D3-AVE","Asset Vulnerability Enumeration",{"name":47},{"id":53,"name":54,"tactic":55},"D3-SBV","Service Binary Verification",{"name":56},"Detect",{"id":58,"name":59,"tactic":60},"D3-SU","Software Update",{"name":61},"Harden",{"id":63,"name":64,"tactic":65},"D3-RS","Restore Software",{"name":66},"Restore",{"id":68,"name":69,"techniques":70},"CAPEC-180","Exploiting Incorrectly Configured Access Control Security Levels",[71],{"id":24,"name":25,"tactics":72,"countermeasures":78},[73,74,75,76,77],{"id":28,"name":29},{"id":31,"name":32},{"id":34,"name":35},{"id":37,"name":38},{"id":40,"name":41},[79,81,83,85,87],{"id":44,"name":45,"tactic":80},{"name":47},{"id":49,"name":50,"tactic":82},{"name":47},{"id":53,"name":54,"tactic":84},{"name":56},{"id":58,"name":59,"tactic":86},{"name":61},{"id":63,"name":64,"tactic":88},{"name":66},{"id":90,"name":91,"techniques":92},"CAPEC-77","Manipulating User-Controlled Variables",[],[94],{"_key":95,"name":96,"source":97,"url":98,"maturity":99,"reliability_score":100,"verified":101,"type":9,"platforms":102,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_65983B976B1E069B","Exploit Reference (huntr.dev)","reference","https://huntr.dev/bounties/bb6ccd63-f505-4e3a-b55f-cd2662c261a9","unknown",0.2,false,[],[104],"GHSA-896r-f27r-55mw",[],[107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163,165,167,169,171,173],{"_key":108},"SUSE-SU-2022:0563-1",{"_key":110},"SUSE-SU-2024:0487-1",{"_key":112},"OPENSUSE-SU-2022:0657-1",{"_key":114},"OPENSUSE-SU-2024:12723-1",{"_key":116},"SUSE-SU-2022:0531-1",{"_key":118},"SUSE-SU-2022:0569-1",{"_key":120},"SUSE-SU-2022:0570-1",{"_key":122},"SUSE-SU-2022:0657-1",{"_key":124},"SUSE-SU-2022:0704-1",{"_key":126},"SUSE-SU-2022:0715-1",{"_key":128},"SUSE-SU-2023:2579-1",{"_key":130},"SUSE-SU-2024:0191-1",{"_key":132},"SUSE-SU-2024:0196-1",{"_key":134},"SUSE-SU-2024:0486-1",{"_key":136},"UBUNTU-CVE-2021-3918",{"_key":138},"USN-6103-1",{"_key":140},"SUSE-RU-2024:0511-1",{"_key":142},"SUSE-SU-2022:1717-1",{"_key":144},"SUSE-SU-2023:2575-1",{"_key":146},"SUSE-SU-2023:2578-1",{"_key":148},"OPENSUSE-SU-2022:0704-1",{"_key":150},"OPENSUSE-SU-2022:0715-1",{"_key":152},"DLA-3228-1",{"_key":154},"MGASA-2022-0463",{"_key":156},"DEBIAN-CVE-2021-3918",{"_key":158},"RHEA-2022:4925",{"_key":160},"RHEA-2022:5139",{"_key":162},"RHEA-2022:5221",{"_key":164},"RHEA-2022:5615",{"_key":166},"RHSA-2021:5171",{"_key":168},"RHSA-2022:0041",{"_key":170},"RHSA-2022:0246",{"_key":172},"RHSA-2022:0350",{"_key":174},"RHSA-2022:4914",[],[177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197],{"_key":108},{"_key":110},{"_key":112},{"_key":114},{"_key":116},{"_key":118},{"_key":120},{"_key":122},{"_key":124},{"_key":126},{"_key":128},{"_key":130},{"_key":132},{"_key":134},{"_key":140},{"_key":142},{"_key":144},{"_key":146},{"_key":148},{"_key":150},{"_key":154},"2021-11-13T00:00:00.000Z","2025-01-17T20:02:47.966Z","Modified",{"cisa_kev":101,"cisa_ransomware":101,"cisa_vendor":9,"epss_severity":202,"epss_score":203,"severity":204,"severity_score":205,"severity_version":206,"severity_source":207,"severity_vector":208,"severity_status":200},"low",0.01262,"critical",9.8,"v3.0","cve.org","CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",[210,220,224,229,233,238,242,246,251],{"url":98,"sources":211,"tags":214},[207,212,213],"nvd","osv_npm",[215,216,217,218,219],"Exploit","Issue Tracking","Patch","Third Party Advisory","WEB",{"url":221,"sources":222,"tags":223},"https://github.com/kriszyp/json-schema/commit/22f146111f541d9737e832823699ad3528ca7741",[207,212,213],[217,218,219],{"url":225,"sources":226,"tags":227},"https://lists.debian.org/debian-lts-announce/2022/12/msg00013.html",[207,212,213],[228,218,219],"Mailing List",{"url":230,"sources":231,"tags":232},"https://security.netapp.com/advisory/ntap-20250117-0004/",[207,212],[],{"url":234,"sources":235,"tags":236},"https://nvd.nist.gov/vuln/detail/CVE-2021-3918",[213],[237],"Advisory",{"url":239,"sources":240,"tags":241},"https://github.com/kriszyp/json-schema/commit/b62f1da1ff5442f23443d6be6a92d00e65cba93a",[213],[219],{"url":243,"sources":244,"tags":245},"https://github.com/kriszyp/json-schema/commit/f6f6a3b02d667aa4ba2d5d50cc19208c4462abfa",[213],[219],{"url":247,"sources":248,"tags":249},"https://github.com/kriszyp/json-schema",[213],[250],"PACKAGE",{"url":252,"sources":253,"tags":254},"https://security.netapp.com/advisory/ntap-20250117-0004",[213],[219],[],{"date":257,"score":203,"percentile":258},"2026-06-04",0.7977,[260,264,266,268,271,274,277,280,283,286,289,292,295,297,299,303,306,309,313,316,319,322,325,328,331,333,335,338,342,345,348,351,354,357,360,363,366,369,372,375,377,380,383,386,389,392,395,398,401,404,407,410,413,416,419,422,425,428,431,434,437,440,443,445,447,449,452,454,456,459,462,464,467,469,472,475,478,481,483,487,490,493,496,499,502,505,508,510,512,515],{"date":261,"score":262,"percentile":263},"2025-11-04",0.01638,0.81305,{"date":265,"score":262,"percentile":263},"2025-11-05",{"date":267,"score":262,"percentile":263},"2025-11-06",{"date":269,"score":262,"percentile":270},"2025-11-07",0.81315,{"date":272,"score":262,"percentile":273},"2025-11-08",0.81322,{"date":275,"score":262,"percentile":276},"2025-11-09",0.81318,{"date":278,"score":262,"percentile":279},"2025-11-10",0.81314,{"date":281,"score":262,"percentile":282},"2025-11-11",0.81321,{"date":284,"score":262,"percentile":285},"2025-11-12",0.81332,{"date":287,"score":262,"percentile":288},"2025-11-13",0.8134,{"date":290,"score":262,"percentile":291},"2025-11-14",0.81344,{"date":293,"score":262,"percentile":294},"2025-11-15",0.81341,{"date":296,"score":262,"percentile":294},"2025-11-16",{"date":298,"score":262,"percentile":288},"2025-11-17",{"date":300,"score":301,"percentile":302},"2025-11-18",0.00618,0.6751,{"date":304,"score":301,"percentile":305},"2025-11-19",0.67516,{"date":307,"score":301,"percentile":308},"2025-11-20",0.67509,{"date":310,"score":311,"percentile":312},"2025-11-21",0.0151,0.80618,{"date":314,"score":311,"percentile":315},"2025-11-22",0.80619,{"date":317,"score":311,"percentile":318},"2025-11-23",0.80611,{"date":320,"score":311,"percentile":321},"2025-11-24",0.80612,{"date":323,"score":311,"percentile":324},"2025-11-25",0.80615,{"date":326,"score":311,"percentile":327},"2025-11-26",0.80617,{"date":329,"score":311,"percentile":330},"2025-11-27",0.80621,{"date":332,"score":311,"percentile":321},"2025-11-28",{"date":334,"score":311,"percentile":327},"2025-11-29",{"date":336,"score":311,"percentile":337},"2025-11-30",0.80623,{"date":339,"score":340,"percentile":341},"2025-12-01",0.01199,0.78386,{"date":343,"score":340,"percentile":344},"2025-12-02",0.78394,{"date":346,"score":340,"percentile":347},"2025-12-03",0.78391,{"date":349,"score":311,"percentile":350},"2025-12-04",0.80624,{"date":352,"score":311,"percentile":353},"2025-12-05",0.80632,{"date":355,"score":311,"percentile":356},"2025-12-06",0.80635,{"date":358,"score":311,"percentile":359},"2025-12-07",0.80636,{"date":361,"score":311,"percentile":362},"2025-12-08",0.8064,{"date":364,"score":311,"percentile":365},"2025-12-09",0.80653,{"date":367,"score":311,"percentile":368},"2025-12-10",0.80679,{"date":370,"score":311,"percentile":371},"2025-12-11",0.80692,{"date":373,"score":311,"percentile":374},"2025-12-12",0.80707,{"date":376,"score":311,"percentile":374},"2025-12-13",{"date":378,"score":311,"percentile":379},"2025-12-14",0.80705,{"date":381,"score":311,"percentile":382},"2025-12-15",0.80703,{"date":384,"score":311,"percentile":385},"2025-12-16",0.80712,{"date":387,"score":311,"percentile":388},"2025-12-17",0.80722,{"date":390,"score":311,"percentile":391},"2025-12-18",0.80741,{"date":393,"score":311,"percentile":394},"2025-12-19",0.80748,{"date":396,"score":311,"percentile":397},"2025-12-20",0.8074,{"date":399,"score":311,"percentile":400},"2025-12-21",0.80734,{"date":402,"score":311,"percentile":403},"2025-12-22",0.80733,{"date":405,"score":311,"percentile":406},"2025-12-23",0.80736,{"date":408,"score":311,"percentile":409},"2025-12-24",0.80753,{"date":411,"score":311,"percentile":412},"2025-12-25",0.80771,{"date":414,"score":311,"percentile":415},"2025-12-26",0.80772,{"date":417,"score":311,"percentile":418},"2025-12-27",0.80814,{"date":420,"score":311,"percentile":421},"2025-12-28",0.80759,{"date":423,"score":311,"percentile":424},"2025-12-29",0.80755,{"date":426,"score":311,"percentile":427},"2025-12-30",0.80761,{"date":429,"score":311,"percentile":430},"2025-12-31",0.80775,{"date":432,"score":340,"percentile":433},"2026-01-01",0.78555,{"date":435,"score":340,"percentile":436},"2026-01-02",0.78556,{"date":438,"score":340,"percentile":439},"2026-01-03",0.78552,{"date":441,"score":311,"percentile":442},"2026-01-04",0.80758,{"date":444,"score":311,"percentile":409},"2026-01-05",{"date":446,"score":311,"percentile":442},"2026-01-06",{"date":448,"score":311,"percentile":421},"2026-01-07",{"date":450,"score":311,"percentile":451},"2026-01-08",0.8077,{"date":453,"score":311,"percentile":412},"2026-01-09",{"date":455,"score":311,"percentile":412},"2026-01-10",{"date":457,"score":311,"percentile":458},"2026-01-11",0.80765,{"date":460,"score":311,"percentile":461},"2026-01-12",0.80757,{"date":463,"score":311,"percentile":424},"2026-01-13",{"date":465,"score":311,"percentile":466},"2026-01-14",0.80776,{"date":468,"score":311,"percentile":466},"2026-01-15",{"date":470,"score":311,"percentile":471},"2026-01-16",0.80786,{"date":473,"score":311,"percentile":474},"2026-01-17",0.80793,{"date":476,"score":311,"percentile":477},"2026-01-18",0.80782,{"date":479,"score":311,"percentile":480},"2026-01-19",0.80774,{"date":482,"score":311,"percentile":430},"2026-01-20",{"date":484,"score":485,"percentile":486},"2026-01-21",0.01248,0.78885,{"date":488,"score":485,"percentile":489},"2026-01-22",0.78895,{"date":491,"score":485,"percentile":492},"2026-01-23",0.78922,{"date":494,"score":485,"percentile":495},"2026-01-24",0.78933,{"date":497,"score":485,"percentile":498},"2026-01-25",0.78926,{"date":500,"score":485,"percentile":501},"2026-01-26",0.78923,{"date":503,"score":485,"percentile":504},"2026-01-27",0.78925,{"date":506,"score":485,"percentile":507},"2026-01-28",0.78927,{"date":509,"score":485,"percentile":492},"2026-01-29",{"date":511,"score":485,"percentile":504},"2026-01-30",{"date":513,"score":485,"percentile":514},"2026-01-31",0.78928,{"date":516,"score":517,"percentile":518},"2026-02-01",0.00991,0.76566,[520,524,532],{"source":207,"cvss_v2_0":9,"cvss_v3_0":521,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":205,"baseSeverity":522,"vectorString":208,"impactScore":205,"exploitabilityScore":523},"CRITICAL",10,{"source":212,"cvss_v2_0":525,"cvss_v3_0":529,"cvss_v3_1":530,"cvss_v4_0":9},{"baseScore":526,"baseSeverity":9,"vectorString":527,"impactScore":528,"exploitabilityScore":523},7.5,"AV:N/AC:L/Au:N/C:P/I:P/A:P",6.4,{"baseScore":205,"baseSeverity":522,"vectorString":208,"impactScore":205,"exploitabilityScore":523},{"baseScore":205,"baseSeverity":522,"vectorString":531,"impactScore":205,"exploitabilityScore":523},"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",{"source":213,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":533,"cvss_v4_0":9},{"baseScore":205,"baseSeverity":9,"vectorString":531,"impactScore":205,"exploitabilityScore":523},[535,544,554,563],{"ecosystem":9,"name":536,"vendor":537,"product":538,"cpe_part":539,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":540},"debian linux","debian","debian_linux","o",[541],{"version":542,"is_range":101,"range_type":543,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"10.0","cpe",{"ecosystem":9,"name":545,"vendor":546,"product":545,"cpe_part":547,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":548},"json-schema","json-schema_project","a",[549],{"version":550,"is_range":551,"range_type":543,"version_start":9,"version_start_type":9,"version_end":552,"version_end_type":553,"fixed_in":9},"lt0.4.0",true,"0.4.0","excluding",{"ecosystem":9,"name":555,"vendor":556,"product":555,"cpe_part":547,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":557},"kriszyp/json-schema","kriszyp",[558],{"version":559,"is_range":551,"range_type":207,"version_start":560,"version_start_type":561,"version_end":562,"version_end_type":561,"fixed_in":9},">= unspecified, \u003C= 0.3.0","unspecified","including","0.3.0",{"ecosystem":564,"name":545,"vendor":564,"product":545,"cpe_part":9,"purl_type":565,"purl_namespace":9,"purl_name":545,"source":9,"versions":566},"Npm","npm",[567],{"version":568,"is_range":551,"range_type":569,"version_start":9,"version_start_type":9,"version_end":552,"version_end_type":553,"fixed_in":9},"lt0_4_0","semver"]