VYPR

npm package

node.extend

pkg:npm/node.extend

Vulnerabilities (1)

  • CVE-2018-16491Feb 1, 2019
    affected < 1.1.7fixed 1.1.7

    A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.