13 matches found
SUSE CVE-2018-3750
The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...
Linux Distros Unpatched Vulnerability : CVE-2018-3750
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can contro...
RHEL 8 : 10_nodejs-nodemon (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nodejs-deep-extend: Prototype pollution can allow attackers to modify object properties CVE-2018-3750 Note that...
Rocky Linux 8 : nodejs:12 (RLSA-2021:0549)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:0549 advisory. - The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker...
RHEL 7 : rh-nodejs8-nodejs (RHSA-2020:2625)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2625 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
RHEL 7 : rh-nodejs12-nodejs (RHSA-2021:0485)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0485 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Security Bulletin: Cloud Pak for Security contains security vulnerabilities
Summary Cloud Pak for Security v 1.6.0.1 and earlier contains security vulnerabilities, addressed in Cloud Pak for Security v 1.7.0.0 Vulnerability Details CVEID: CVE-2020-10543 DESCRIPTION: Perl is vulnerable to a heap-based buffer overflow, caused by an integer overflow in the nested regular...
RHEL 8 : nodejs:12 (RHSA-2021:0549)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0549 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
Moderate: Red Hat Security Advisory: rh-nodejs8-nodejs security update
An update for rh-nodejs8-nodejs is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Fedora 28 : nodejs-deep-extend (2018-636f73964f)
Security fix for CVE-2018-3750 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300...
08cms (=1.0.0), 3dshex (>=0.1.0 <=0.5.3) +9447 more potentially affected by CVE-2018-3750 via deep-extend (>=0.2.10 <=0.5.0)
deep-extend NPM version =0.2.10, =0.1.0, =1.0.0, =1.1.0, =4.0.0, =1.0.0, =0.3.12-20180525105709, =1.0.0, =0.0.1, =0.0.1, =0.2.2, =0.2.3 and more Source cves: CVE-2018-3750 Source advisory: OSV:GHSA-HR2V-3952-633Q...
CVE-2018-3750
The utilities function in all versions = 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all object...
Fedora Update for nodejs-deep-extend FEDORA-2018-636f73964f
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...