Prototype Pollution in getsetdeep

All versions of getsetdeep are vulnerable to prototype pollution. The setDeep function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently available...

alinex-make (=0.0.3), apifs2swagger (>=0.1.0 <=0.1.2) +72 more potentially affected by unknown CVE via getsetdeep (>=2.0.0 <=2.1.0)

getsetdeep NPM version =2.0.0, =0.1.0, =0.5.0, =0.1.0, =0.1.0, =0.1.0, =0.8.3, =0.0.1, =0.2.4, =0.0.0, =6.20.0, =6.29.0 - docpad-plugin-cachr =2.1.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-8J49-49JQ-VWCQ...

GHSA-8J49-49JQ-VWCQ Prototype Pollution in getsetdeep

All versions of getsetdeep are vulnerable to prototype pollution. The setDeep function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently available...

Prototype Pollution

Overview All versions of getsetdeep are vulnerable to prototype pollution. The setDeep function does not restrict the modification of an Object's prototype, which may allow an attacker to add or modify an existing property that will exist on all objects. Recommendation No fix is currently...