All versions of defaults-deep
are vulnerable to prototype pollution. Provided certain input defaults-deep
can add or modify properties of the Object
prototype. These properties will be present on all objects.
As no patch is currently available for this vulnerability it is our recommendation to select another module that can provide this functionality.