npm package
extend
pkg:npm/extend
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-16492 | — | >= 3.0.0, < 3.0.2 | 3.0.2 | Feb 1, 2019 | A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype. |
- CVE-2018-16492Feb 1, 2019affected >= 3.0.0, < 3.0.2fixed 3.0.2
A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.