Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend.
References
Link | Resource |
---|---|
https://hackerone.com/reports/801522 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: hackerone
Published: 2020-04-03T20:52:38
Updated: 2020-04-03T20:52:38
Reserved: 2020-01-28T00:00:00
Link: CVE-2020-8147
JSON object: View
NVD Information
Status : Analyzed
Published: 2020-04-03T21:15:12.780
Modified: 2020-04-06T13:36:46.000
Link: CVE-2020-8147
JSON object: View
Redhat Information
No data.