CVE-2020-7637
CVE-2020-7637 affects class-transformer versions prior to 0.3.1. The vulnerability stems from classToPlainFromExist allowing a proto payload to pollute Object.prototype, enabling attacker-controlled modification of object properties. Impact is described as prototype pollution; upstream fixes requ...