VYPR
High severity8.8NVD Advisory· Published Jun 7, 2018· Updated Jun 17, 2026

CVE-2018-3723

CVE-2018-3723

Description

defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
defaults-deepnpm
< 0.2.40.2.4

Affected products

2
  • ghsa-coords
    Range: < 0.2.4
  • HackerOne/defaults-deep node modulev5
    Range: Versions before 0.2.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.