Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

extend 1.2.1 security issue #521

Closed
npapp opened this issue Sep 21, 2018 · 2 comments
Closed

extend 1.2.1 security issue #521

npapp opened this issue Sep 21, 2018 · 2 comments
Assignees
@XiaoningLiu
Labels
security

Comments

@npapp
Copy link

npapp commented Sep 21, 2018

Hey, it's me again, I just want to leave another note for you about a security issue (Prototype pollution attack due to Modification of Assumed-Immutable Data) in the extend version you use.

They fixed the issue here:
justmoon/node-extend#48

(our security scanning tool found this issue, because we use your library)
@XiaoningLiu XiaoningLiu self-assigned this Sep 25, 2018
@XiaoningLiu
Copy link
Member

@npapp Thanks for reporting! Will update to latest extend version.

@XiaoningLiu
Copy link
Member

XiaoningLiu commented Apr 15, 2019
edited

It already updated to latest extent version, thanks for reporting! Will close this issue.

@vinjiang vinjiang closed this as completed May 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@XiaoningLiu XiaoningLiu

Labels
security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@XiaoningLiu @vinjiang @npapp