3 matches found
CVE-2021-25945
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution...
192.168.0.172 (=4.6.1), 3nit-utils (>=0.13.0 <=1.0.2) +2496 more potentially affected by CVE-2018-16492 via extend (>=3.0.0 <=3.0.1)
extend NPM version =3.0.0, =0.13.0, =1.3.1, =0.0.1, =1.0.0, =0.1.0, =1.0.0, =3.0.0, =0.1.1, =5.0.0-alpha.1, =1.0.0, =1.0.0, =2018.6.20-0, =2018.8.16-1 and more Source cves: CVE-2018-16492 Source advisory: OSV:GHSA-QRMC-FJ45-QFC2...
GHSA-QRMC-FJ45-QFC2 Prototype Pollution in extend
Versions of extend prior to 3.0.2 for 3.x and 2.0.2 for 2.x are vulnerable to Prototype Pollution. The extend function allows attackers to modify the prototype of Object causing the addition or modification of an existing property that will exist on all objects. Recommendation If you're using...