Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend.
The product does not properly protect an assumed-immutable element from being modified by an attacker.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Utils-extend | Utils-extend_project | * | 1.0.8 (including) |