All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function.
9.8CVSS
9.2AI Score
0.005EPSS
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of CVE-2020-28442 .
9.8CVSS
9.3AI Score
0.033EPSS