CVE-2020-7644

CVE-2020-7644 affects fun-map up to version 3.3.1, with prototype pollution via the assocInM function that can add/modify Object.prototype properties using a proto payload. Reported across NVD and multiple feeds (Red Hat, GHSA, OSV, CNVD, CN...); CVSS scores indicate 6.8 (2.0/AV:N/AC:M) and 8.1 (...