Components Vulnerabilities Pricing MCP API

Docs

Find vulnerabilities. Fix fast with AI.

Search components by package, version, or CVE to get started.

Get full component data and automated fixes with Sonatype Guide.

maven

com.novartis.opensource

yada-api

10.1.2

yada-api 10.1.2

Latest

com.novartis.opensource

PublishedJul 20, 2021•Policy

compliance

maven Registry

Developer Trust Score

Recommended Version:x.y.z

Recommended upgrade that meets your policy.

Compare Versions

Get full component data and automated fixes with Sonatype Guide.

maven

com.novartis.opensource

yada-api

10.1.2

yada-api 10.1.2

Latest

com.novartis.opensource

PublishedJul 20, 2021•Policy

compliance

maven Registry

Developer Trust Score

Recommended Version:x.y.z

Recommended upgrade that meets your policy.

Compare Versions

Severity

Critical (0)

High (0)

Medium (1)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

6.5CVE-2018-3721

lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.

affected

Severity

Critical (0)

High (0)

Medium (1)

Low (0)

CVSS Score

0.010.0

EPSS Score

0.01.0

Malware

KEV StatusPublished

6.5CVE-2018-3721

affected

SeverityMedium

PublishedApr 27, 2018