0.001 Low
EPSS
Percentile
42.0%
The package nested-object-assign before 1.0.4 are vulnerable to Prototype Pollution via the default function, as demonstrated by running the PoC below.
github.com/Geta/NestedObjectAssign/pull/11
snyk.io/vuln/SNYK-JS-NESTEDOBJECTASSIGN-1065977