eggjs/extend2

Releases15

Frequency10 months 1 week

Last Release about 2 years ago

Stars48

Simple function to extend objects

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2021-23568 ↗	Jan 10, 2022Monday, 10 January 2022, 14:10	7.3 HIGH	7.5 HIGH
The package extend2 before 1.0.1 are vulnerable to Prototype Pollution via the extend function due to unsafe recursive merge.