EPSS
Percentile
77.9%
set-value is vulnerable to prototype pollution. A lack of validation allows an attacker to inject properties and objects into existing construct prototype that would result in arbitrary code execution.
github.com/jonschlinkert/set-value/commit/95e9d9923f8a8b4a01da1ea138fcc39ec7b6b15f
lists.apache.org/thread.html/b46f35559c4a97cf74d2dd7fe5a48f8abf2ff37f879083920af9b292@%3Cdev.drat.apache.org%3E
research.prod.srcclr.io/artifacts/32075