CVE-2019-10795
CVE-2019-10795 affects undefsafe prior to 2.0.3. Prototype pollution possible via the a() function using a proto payload to add/modify Object.prototype properties. Impact: remote attacker could manipulate global objects; CVSS ~6.3 (3.1) in provided metrics. Remediation: upgrade undefsafe to 2.0.3...