{"id":"CVE-2020-28282","details":"Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.","aliases":["GHSA-957j-59c2-j692"],"modified":"2026-03-14T10:07:06.761009Z","published":"2020-12-29T18:15:12.870Z","references":[{"type":"EVIDENCE","url":"https://github.com/cowboy/node-getobject/blob/aba04a8e1d6180eb39eff09990c3a43886ba8937/lib/getobject.js#L48"},{"type":"EVIDENCE","url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-28282"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/cowboy/node-getobject","events":[{"introduced":"0"},{"last_affected":"77982939a7df860032cd3cfd95ac984f9eba4867"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.1.0"}]}}],"versions":["v0.1.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-28282.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}