{"id":"CVE-2021-25913","details":"Prototype pollution vulnerability in 'set-or-get' version 1.0.0 through 1.2.10 allows an attacker to cause a denial of service and may lead to remote code execution.","aliases":["GHSA-6rv4-4qv6-88g2"],"modified":"2025-11-14T11:31:12.647950Z","published":"2021-02-08T22:15:12.607Z","references":[{"type":"FIX","url":"https://github.com/IonicaBizau/set-or-get.js/commit/82ede5cccb2e8d13e4f62599203a4389f6d8e936"},{"type":"EVIDENCE","url":"https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25913"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ionicabizau/set-or-get.js","events":[{"introduced":"0"},{"fixed":"82ede5cccb2e8d13e4f62599203a4389f6d8e936"}]}],"versions":["1.0.0","1.1.0","1.2.0","1.2.1","1.2.10","1.2.2","1.2.3","1.2.4","1.2.5","1.2.6","1.2.7","1.2.8","1.2.9"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-25913.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}