GHSA-2C4M-G7RX-63Q7 set-in Affected by Prototype Pollution
Summary A prototype pollution vulnerability exists in the the npm package set-in =2.0.1. Despite a previous fix that attempted to mitigate prototype pollution by checking whether user input contained a forbidden key, it is still possible to pollute Object.prototype via a crafted input using...