2 matches found
Prototype Pollution
Overview Versions of deeply prior to 1.0.1 are vulnerable to Prototype Pollution. The package fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects. Recommendation...
Prototype Pollution
Overview deeply is an a toolkit for deep structure manipulations, provides deep merge/clone functionality out of the box, and exposes hooks and custom adapters for more control and greater flexibility. Affected versions of this package are vulnerable to Prototype Pollution. The function assign-de...