Vulnerability Details CVE-2018-16489
A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.5%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2018-16489
-
cpe:2.3:a:just-extend_project:just-extend:1.0.0
-
cpe:2.3:a:just-extend_project:just-extend:1.1.0
-
cpe:2.3:a:just-extend_project:just-extend:1.1.1
-
cpe:2.3:a:just-extend_project:just-extend:1.1.10
-
cpe:2.3:a:just-extend_project:just-extend:1.1.15
-
cpe:2.3:a:just-extend_project:just-extend:1.1.16
-
cpe:2.3:a:just-extend_project:just-extend:1.1.17
-
cpe:2.3:a:just-extend_project:just-extend:1.1.18
-
cpe:2.3:a:just-extend_project:just-extend:1.1.19
-
cpe:2.3:a:just-extend_project:just-extend:1.1.20
-
cpe:2.3:a:just-extend_project:just-extend:1.1.21
-
cpe:2.3:a:just-extend_project:just-extend:1.1.22
-
cpe:2.3:a:just-extend_project:just-extend:1.1.23
-
cpe:2.3:a:just-extend_project:just-extend:1.1.24
-
cpe:2.3:a:just-extend_project:just-extend:1.1.25
-
cpe:2.3:a:just-extend_project:just-extend:1.1.26
-
cpe:2.3:a:just-extend_project:just-extend:1.1.27
-
cpe:2.3:a:just-extend_project:just-extend:1.1.5
-
cpe:2.3:a:just-extend_project:just-extend:1.1.7
-
cpe:2.3:a:just-extend_project:just-extend:1.1.8
-
cpe:2.3:a:just-extend_project:just-extend:1.1.9
-
cpe:2.3:a:just-extend_project:just-extend:2.1.0
-
cpe:2.3:a:just-extend_project:just-extend:3.0.0