GHSA-77xq-cpvg-7xm2

Source
https://github.com/advisories/GHSA-77xq-cpvg-7xm2
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/05/GHSA-77xq-cpvg-7xm2/GHSA-77xq-cpvg-7xm2.json
Aliases
Published
2021-05-10T19:07:56Z
Modified
2023-11-08T04:04:08.257508Z
Details

This affects the package @tsed/core before 5.65.7. This vulnerability relates to the deepExtend function which is used as part of the utils directory. Depending on if user input is provided, an attacker can overwrite and pollute the object prototype of a program.

References

Affected packages

npm / @tsed/core

Package

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Fixed
5.65.7