CVE-2018-16491

Опубликовано: 01 фев. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 7.5

CVSS3: 9.8

Описание

A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	3.0.2-1
disco	not-affected	3.0.2-1
eoan	not-affected	3.0.2-1
esm-apps/bionic	needed
esm-apps/focal	not-affected	3.0.2-1
esm-apps/jammy	not-affected	3.0.2-1
esm-apps/noble	not-affected	3.0.2-1
esm-apps/xenial	needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 59%

0.00384

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

CVE-2018-16491

CVSS3: 4.8

redhat

около 7 лет назад

A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

CVE-2018-16491

CVSS3: 9.8

nvd

около 7 лет назад

A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

CVE-2018-16491

CVSS3: 9.8

debian

около 7 лет назад

A prototype pollution vulnerability was found in node.extend <1.1.7, ~ ...

GHSA-r96c-57pf-9jjm

CVSS3: 9.8

github

почти 7 лет назад

Prototype Pollution in node.extend

EPSS

Процентиль: 59%

0.00384

Низкий

7.5 High

CVSS2

9.8 Critical

CVSS3

CVE-2018-16491

Описание

Пакет node-extend

Ссылки на источники

Связанные уязвимости