CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2019/10/12 1:35 a.m.•25 views

CVE-2018-16491

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

9.8CVSS4.4AI score0.00384EPSS

Exploits1References1

OSV•added 2019/02/07 6:17 p.m.•1 views

GHSA-R96C-57PF-9JJM Prototype Pollution in node.extend

Versions of node.extend before 1.1.7 or 2.0.1 are vulnerable to prototype pollution. Recommendation Update to version 1.1.7, 2.0.1 or later...

9.8CVSS7.2AI score0.00384EPSS

Exploits1References4

Github Security Blog•added 2019/02/07 6:17 p.m.•25 views

Prototype Pollution in node.extend

Versions of node.extend before 1.1.7 or 2.0.1 are vulnerable to prototype pollution. Recommendation Update to version 1.1.7, 2.0.1 or later...

9.8CVSS4.2AI score0.00384EPSS

Exploits1References4Affected Software1

Node.js•added 2019/02/06 1:11 a.m.•29 views

Prototype Pollution

Overview Versions of node.extend before 1.1.7 or 2.0.1 are vulnerable to prototype pollution. Recommendation Update to version 1.1.7, 2.0.1 or later. References - HackerOne Report - GitHub Advisory...

7.5CVSS4.1AI score0.00384EPSS

Exploits1Affected Software1

NVD•added 2019/02/01 6:29 p.m.•15 views

CVE-2018-16491

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

9.8CVSS9.4AI score0.00384EPSS

Exploits1References1

OSV•added 2019/02/01 6:29 p.m.•6 views

CVE-2018-16491

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

9.8CVSS9.3AI score

Exploits0References1

Prion•added 2019/02/01 6:29 p.m.•20 views

Buffer overflow

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

7.5CVSS9.3AI score0.00384EPSS

Exploits1References1Affected Software1

UbuntuCve•added 2019/02/01 6:29 p.m.•19 views

CVE-2018-16491

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

9.8CVSS7.2AI score0.00384EPSS

Exploits1References2

CVE•added 2019/02/01 6:0 p.m.•62 views

CVE-2018-16491

CVE-2018-16491 describes a prototype pollution vulnerability in node.extend before 1.1.7 and before 2.0.1, enabling an attacker to inject arbitrary properties onto Object.prototype. Affected versions are node.extend <1.1.7, ~

9.8CVSS9.2AI score0.00384EPSS

Exploits1References1Affected Software1

Cvelist•added 2019/02/01 6:0 p.m.•20 views

CVE-2018-16491

A prototype pollution vulnerability was found in node.extend 1.1.7, 2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype...

9.4AI score0.00384EPSS

Exploits1References1

Hacker One•added 2018/10/30 11:42 a.m.•93 views

Node.js third-party modules: Prototype pollution attack in node.extend

I would like to report a prototype pollution vulnerability in node.extend. It allows an attacker to inject properties on Object.prototype. Module module name: node.extend version: 2.0.0 npm page: https://www.npmjs.com/package/node.extend Module Description A port of jQuery.extend that actually...

7.5CVSS1AI score0.00384EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by