Описание
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.
A flaw has been identified in js-extend. A prototype pollution vulnerability allows attackers to cause a denial of service and may lead to remote code execution. The highest threat from this vulnerability is to system availability.
Отчет
This CVE does not affect any Red Hat products, because the flawed 'js-extend' NPM module is not shipped with any Red Hat products.
Дополнительная информация
Статус:
Important
Дефект:
CWE-94
https://bugzilla.redhat.com/show_bug.cgi?id=1965478js-extend: prototype pollution allows attacker to cause a denial of service and may lead to remote code execution
8.2 High
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
больше 4 лет назад
Prototype pollution vulnerability in 'js-extend' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.
8.2 High
CVSS3