Prototype Pollution
Overview set-in is a set value of nested associative structure given array of keys Affected versions of this package are vulnerable to Prototype Pollution via the setIn method, as it allows an attacker to merge object prototypes into it. Note: This vulnerability derives from an incomplete fix of...