0.005 Low
EPSS
Percentile
76.3%
All current versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function.
github.com/VladimirShestakov/merge-change
github.com/VladimirShestakov/merge-change/blob/9901f145e06158f284f52de42e6ba5b0f702fb65/utils.js#L89-L123
nvd.nist.gov/vuln/detail/CVE-2021-23421
snyk.io/vuln/SNYK-JS-MERGECHANGE-1310985