Critical severity9.8NVD Advisory· Published Jun 17, 2024· Updated Apr 15, 2026
CVE-2024-36582
CVE-2024-36582
Description
alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend() method of Module.deepAssign (/src/index.js)
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
@alexbinary/object-deep-assignnpm | <= 1.0.11 | — |
Affected products
1Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.