utils-extend (npm) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package utils-extend, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2020-8147 — CVSS 9.8 (critical): Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in…
CVE-2024-57077 — CVSS 9.1 (critical): The latest version of utils-extend (1.0.8) is vulnerable to Prototype Pollution through the entry function(s) lib.extend. An attacker can…