Affected Products
Vendor / product matrix with CVE counts sourced from the CPE catalog.
Products
1 vendor| Vendor | Products | CVEs | KEV | Avg EPSS | Worst Severity |
|---|---|---|---|---|---|
| 1 | 1 | 0 | 50.0% | CRITICAL |
Related CVEs
1| CVE ID | Description | Severity | CVSS | KEV | EPSS | Published | |
|---|---|---|---|---|---|---|---|
| CVE-2024-38985 | janryWang products depath v1.0.6 and cool-path v1.1.2 were discovered to contain a prototype pollution via the set() method at setIn (lib/index.js:90). This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties. | CRITICAL | 9.8 | — | 50.0% | Mar 28, 2025 |