VulnerableCode Package Details - pkg:npm/makerjs@0.19.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:npm/makerjs@0.19.2

Essentials
History (3)

purl	pkg:npm/makerjs@0.19.2

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-kcdw-pz6q-33g2	Maker.js has Unsafe Property Copying in makerjs.extendObject The `makerjs.extendObject` function copies properties from source objects without proper validation, potentially exposing applications to security risks. The function lacks `hasOwnProperty()` checks and does not filter dangerous keys, allowing inherited properties and potentially malicious properties to be copied to target objects.	CVE-2026-24888 GHSA-2cp6-34r9-54xx

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-05T21:57:35.316192+00:00	GHSA Importer	Fixing	VCID-kcdw-pz6q-33g2	https://github.com/advisories/GHSA-2cp6-34r9-54xx	38.6.0
2026-06-04T16:54:28.949089+00:00	GithubOSV Importer	Fixing	VCID-kcdw-pz6q-33g2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2026/01/GHSA-2cp6-34r9-54xx/GHSA-2cp6-34r9-54xx.json	38.6.0
2026-06-02T04:49:48.401670+00:00	GitLab Importer	Fixing	VCID-kcdw-pz6q-33g2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/makerjs/CVE-2026-24888.yml	38.6.0