Vulnerabilities > Dreamerslab

DATE CVE VULNERABILITY TITLE RISK
2019-02-01 CVE-2018-16491 Injection vulnerability in Dreamerslab Node.Extend
A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.
network
low complexity
dreamerslab CWE-74
7.5
7.5