Lucene search
HackeroneCVELIST:CVE-2018-3721HistoryJun 07, 2018 - 2:00 a.m.
CVE-2018-3721
2018-06-0702:00:00
CWE-471
hackerone
www.cve.org
7
lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of “Object” via proto, causing the addition or modification of an existing property that will exist on all objects.
CNA Affected
[
{
"product": "lodash node module",
"vendor": "HackerOne",
"versions": [
{
"status": "affected",
"version": "Versions before 4.17.5"
}
]
}
]Related
nessus
nessus
RHEL 8 : lodash (Unpatched Vulnerability)
2024-05-11 00:00:00
osv
osv
Prototype Pollution in lodash
2018-07-26 15:14:52
CVE-2018-3721
2018-06-07 02:29:08
nvd
nvd
CVE-2018-3721
2018-06-07 02:29:08
debiancve
debiancve
CVE-2018-3721
2018-06-07 02:29:08
cve
cve
CVE-2018-3721
2018-06-07 02:29:08
prion
prion
Code injection
2018-06-07 02:29:00
ubuntucve
ubuntucve
CVE-2018-3721
2018-06-07 00:00:00
github
github
Prototype Pollution in lodash
2018-07-26 15:14:52
hackerone
hackerone
Node.js third-party modules: Prototype pollution attack (lodash)
2018-01-30 06:36:13
redhatcve
redhatcve
CVE-2018-3721
2018-02-15 19:19:56
veracode
veracode
Prototype Pollution
2018-02-15 05:19:49
nodejs
nodejs
Prototype Pollution
2018-04-24 14:27:02
ibm
ibm
openvas
openvas
Discourse < 2.3.0.beta10 Multiple Vulnerabilities
2019-06-17 00:00:00
redhat
redhat
kitploit
kitploit