Prototype Pollution

@bunt/app is vulnerable to Prototype Pollution. The vulnerability is due to inadequate parsing and validation of input data via packages qs.ts, which allows arbitrary property injection into objects...

@bunt/cli (>=0.12.0 <=0.28.3), @bunt/project (>=0.12.0 <=0.25.0) +2 more potentially affected by CVE-2024-38989 via @bunt/app (>=0.12.0 <=0.28.3)

@bunt/app NPM version =0.12.0, =0.12.0, =0.12.0, =0.12.0, =0.14.0, =0.28.3 Source cves: CVE-2024-38989 Source advisory: OSV:GHSA-P734-XG27-8CFQ...