1 matches found
CVE-2018-16491
CVE-2018-16491 describes a prototype pollution vulnerability in node.extend before 1.1.7 and before 2.0.1, enabling an attacker to inject arbitrary properties onto Object.prototype. Affected versions are node.extend <1.1.7, ~