2 matches found
yeikos js.merge security vulnerability
yeikos js.merge is an application by the individual developers at Yeikos USA. It provides tools for merging js. A security vulnerability exists in yeikos js.merge. The vulnerability stems from the fact that all merges of related branches are susceptible to the prototype of this codebase. The...
Prototype Pollution in yeikos/js.merge
Overview merge is used to merge multiple objects into one object. Affected versions of this package are vulnerable to Prototype Pollution via the merge.recursive function. It can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all object...