NodeJS/extend/3.0.1
Port of jQuery.extend for node.js and the browser
https://www.npmjs.com/package/extend
MIT
1 Security Vulnerabilities
Prototype Pollution in extend
Published date: 2019-02-07T18:03:28Z
CVE: CVE-2018-16492
Links:
Versions of extend prior to 3.0.2 (for 3.x) and 2.0.2 (for 2.x) are vulnerable to Prototype Pollution. The extend() function allows attackers to modify the prototype of Object causing the addition or modification of an existing property that will exist on all objects.
Recommendation
If you're using extend 3.x upgrade to 3.0.2 or later.
If you're using extend 2.x upgrade to 2.0.2 or later.
Affected versions:
["1.0.0", "1.1.0", "1.1.1", "1.1.3", "1.2.0", "1.2.1", "1.3.0", "2.0.0", "2.0.1", "3.0.0", "3.0.1"]
Secure versions:
[3.0.2, 2.0.2]
Recommendation:
Update to version 3.0.2.
13 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 3.0.2 | MIT | 2018-07-19 - 20:28 | over 5 years | |
| 3.0.1 | MIT | 1 | 2017-04-28 - 05:36 | almost 7 years |
| 3.0.0 | MIT | 1 | 2015-07-01 - 20:47 | almost 9 years |
| 2.0.2 | MIT | 2018-07-19 - 22:12 | over 5 years | |
| 2.0.1 | MIT | 1 | 2015-04-25 - 18:20 | almost 9 years |
| 2.0.0 | MIT | 1 | 2014-10-01 - 17:18 | over 9 years |
| 1.3.0 | MIT | 1 | 2014-06-20 - 18:12 | almost 10 years |
| 1.2.1 | MIT | 1 | 2013-09-14 - 21:31 | over 10 years |
| 1.2.0 | MIT | 1 | 2013-09-03 - 04:08 | over 10 years |
| 1.1.3 | MIT | 1 | 2012-12-07 - 07:34 | over 11 years |
| 1.1.1 | MIT | 1 | 2012-11-07 - 20:21 | over 11 years |
| 1.1.0 | MIT | 1 | 2012-11-07 - 20:16 | over 11 years |
| 1.0.0 | MIT | 1 | 2011-05-14 - 07:38 | almost 13 years |