2 matches found
02-infrastructure (=1.0.0), 02vue_toast_demo (>=1.0.0 <=1.0.4) +12563 more potentially affected by unknown CVE via whet.extend (>=0.9.7 <=0.9.9)
whet.extend NPM version =0.9.7, =1.0.0, =1.0.4, =5.0.0, =1.0.3, =0.0.1, =1.0.2, =2.0.0, =1.0.0, =1.3.3 - 3vot-clay =2.0.1 and more Source cves: unknown CVE Source advisory: SNYK:JS-WHETEXTEND-3178372...
Prototype Pollution
Overview whet.extend is an A sharped version of port of jQuery.extend that actually works on node.js Affected versions of this package are vulnerable to Prototype Pollution due to improper user input sanitization when using the extend and findValue functions. Details Prototype Pollution is a...