High severityNVD Advisory· Published Apr 3, 2020· Updated Aug 4, 2024
CVE-2020-8147
CVE-2020-8147
Description
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
utils-extendnpm | >= 0.0.0 | — |
Affected products
2- npm/utils-extenddescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-6pq3-928q-x6w6ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-8147ghsaADVISORY
- hackerone.com/reports/801522ghsax_refsource_MISCWEB
- www.npmjs.com/advisories/1502ghsaWEB
News mentions
0No linked articles in our index yet.