Lucene search

Extend Security Vulnerabilities

cve

CVE-2021-23702

The package object-extend from 0.0.0 are vulnerable to Prototype Pollution via...

9.8CVSS

9.4AI Score

0.003EPSS

2022-02-18 08:15 PM

cve

CVE-2021-25945

Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code...

9.8CVSS

9.5AI Score

0.007EPSS

2021-05-26 03:15 PM

cve

CVE-2020-7673

node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument A of extend function(A,B,as,isAargs) located within lib/extend.js is executed by the eval function, resulting in code...

9.8CVSS

9.7AI Score

0.085EPSS

2020-06-10 04:15 PM

cve

CVE-2020-8147

Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using...

9.8CVSS

9.7AI Score

0.015EPSS

2020-04-03 09:15 PM

cve

CVE-2018-16489

A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its...

9.8CVSS

9.2AI Score

0.004EPSS

2019-02-01 06:29 PM

cve

CVE-2018-16492

A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto...

9.8CVSS

9.2AI Score

0.004EPSS

2019-02-01 06:29 PM