CVE-2021-23568
Prototype Pollution in extend2 in npm/extend2
Identifiers
CVE-2021-23568, GHSA-gjm5-83cw-p3p2
Package Slug
npm/extend2
Vulnerability
Prototype Pollution in extend2
Description
The package extend2 is vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge.
Affected Versions
All versions before 1.0.1
Solution
Upgrade to version 1.0.1 or above.
Last Modified
2022-01-13
| source |