23 matches found
1filecompiler (=0.0.2), @adrian.u/adritoolbox (>=1.0.0 <=1.1.0) +801 more potentially affected by CVE-2020-8147 +1 more via utils-extend (=1.0.8)
utils-extend NPM version =1.0.8 is affected by a known vulnerability. The following packages have a transitive dependency on utils-extend and may be impacted: - 1filecompiler =0.0.2 - @adrian.u/adritoolbox =1.0.0, =0.1.1, =0.1.0, =0.1.0, =1.0.2, =0.1.0, =0.0.1, =0.37.8, =1.0.1, =0.1.0, =1.0.2,...
Prototype Pollution
Overview utils-extend is a package to extend nodejs util api. Affected versions of this package are vulnerable to Prototype Pollution. The extend method within utils-extend can be tricked into adding or modifying properties of Object.prototype Note: CVE-2024-57077 is a duplicate of this...
Node.js third-party modules: [utils-extend] Prototype pollution
NOTE! Thanks for submitting a report! Please replace all the square sections below with the pertinent details. Remember, the more detail you provide, the easier it is for us to triage and respond quickly, so be sure to take your time filling out the report! I would like to report prototype poluti...