CVE-2020-8147

Summary

Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using utils-extend.

Affected Software

VendorProductVersion RangeStatus
n/autils-extendversion 1.0.8 and earlieraffected
n/autils-extendNot Fixedaffected

Weaknesses

  • CWE-471: Modification of Assumed-Immutable Data (MAID) (CWE-471)

ADP Enrichment

CVE Program Container

Additional References

References