9.8CVSS
9.4AI Score
0.003EPSS
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code...
9.8CVSS
9.5AI Score
0.007EPSS
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend function(A,B,as,isAargs) located within lib/extend.js is executed by the eval function, resulting in code...
9.8CVSS
9.7AI Score
0.085EPSS
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using...
9.8CVSS
9.7AI Score
0.015EPSS
A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its...
9.8CVSS
9.2AI Score
0.004EPSS
A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto...
9.8CVSS
9.2AI Score
0.004EPSS