0.001 Low
EPSS
Percentile
31.4%
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
__proto__
github.com/componentjs/flatten.js
nvd.nist.gov/vuln/detail/CVE-2019-10794
snyk.io/vuln/SNYK-JS-COMPONENTFLATTEN-548907