CVE-2020-28477

Name
CVE-2020-28477
Description
This affects all versions of package immer.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Exploit https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1061986
Broken Link https://github.com/immerjs/immer/blob/master/src/plugins/patches.ts%23L213
Exploit https://snyk.io/vuln/SNYK-JS-IMMER-1019369

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:immer_project:immer:*:*:*:*:*:node.js:*:* immer >= None < 8.0.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
immer edge-community 0.8.1-r0 Bart Ribbers <bribbers@disroot.org> possibly vulnerable