2 matches found
ask (>=1.1.0 <=1.5.0), bid (>=0.1.0 <=1.0.0) +15 more potentially affected by CVE-2018-3749 via deap (>=0.1.2 <=0.2.2)
deap NPM version =0.1.2, =1.1.0, =0.1.0, =0.0.1, =0.1.0, =0.2.0, =0.0.4, =0.1.0, =0.1.0, =0.6.0, =0.3.0, =0.4.0, =0.4.0, =0.4.0, =0.1.0, =0.2.0 and more Source cves: CVE-2018-3749 Source advisory: OSV:GHSA-XG47-R67P-VHV5...
CVE-2018-3749
CVE-2018-3749 affects the deap Node.js module: the utilities function can be abused to perform prototype pollution by modifying Object’s prototype when an attacker controls part of the input structure. This affects all versions