All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function.
9.8CVSS
9.2AI Score
0.007EPSS
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of CVE-2020-28442 .
9.8CVSS
9.3AI Score
0.038EPSS