cpe:/a:just-extend_project:just-extend:1.0.0::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.0::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.1::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.5::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.7::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.8::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.9::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.10::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.15::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.16::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.17::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.18::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.19::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.20::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.21::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.22::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.23::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.24::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.25::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.26::~~~node.js~~ cpe:/a:just-extend_project:just-extend:1.1.27::~~~node.js~~ cpe:/a:just-extend_project:just-extend:2.1.0::~~~node.js~~ cpe:/a:just-extend_project:just-extend:3.0.0::~~~node.js~~ CVE-2018-16489 2019-02-01T13:29:00.987-05:00 2019-10-09T19:36:12.423-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov MISC https://hackerone.com/reports/430291 A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions.