CVE-2021-23568

The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge.
Configurations

Configuration 1

cpe:2.3:a:eggjs:extend2:*:*:*:*:*:node.js:*:*

Information

Published : 2022-01-10 02:10

Updated : 2022-01-13 07:58


NVD link : CVE-2021-23568

Mitre link : CVE-2021-23568

Products Affected
No products.
CWE
CWE-1321

Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')