Vulnerable Package issue exists @ Npm-extend-3.0.0 in branch master
A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.
Namespace: RobertMickleCx
Repository: NodeGoat
Repository Url: https://github.com/RobertMickleCx/NodeGoat
CxAST-Project: RobertMickleCx/NodeGoat
CxAST platform scan: 3f4864fd-127b-412c-8cca-4b4873ce2f29
Branch: master
Application: NodeGoat
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-1321
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
References
Advisory
Disclosure
Pull request
Commit
Vulnerable Package issue exists @ Npm-extend-3.0.0 in branch master
A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.
Namespace: RobertMickleCx
Repository: NodeGoat
Repository Url: https://github.com/RobertMickleCx/NodeGoat
CxAST-Project: RobertMickleCx/NodeGoat
CxAST platform scan: 3f4864fd-127b-412c-8cca-4b4873ce2f29
Branch: master
Application: NodeGoat
Severity: HIGH
State: NOT_IGNORED
Status: RECURRENT
CWE: CWE-1321
Additional Info
Attack vector: NETWORK
Attack complexity: LOW
Confidentiality impact: HIGH
Availability impact: HIGH
References
Advisory
Disclosure
Pull request
Commit