CVE-2018-3750

Prototype Pollution in deep-extend

Versions of `deep-extend` before 0.5.1 are vulnerable to prototype pollution. ## Recommendation Update to version 0.5.1 or later.

Patch Available

Fix available through Seal Security. No upgrade required, protect your application instantly.

Vulnerability Details

Score

9.8

Score Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Versions

deep-extend < 0.5.1

Severity

Critical

Ecosystem

JavaScript

Publish Date

October 8, 2018

Modified Date

November 7, 2023