EPSS
Percentile
79.9%
gedi is vulnerable to prototype pollution. The vulnerability exists as it does not restrict the __proto__ header to be set through the set function.
__proto__
set
github.com/HoLyVieR/prototype-pollution-nsec18/blob/master/paper/JavaScript_prototype_pollution_attack_in_NodeJS.pdf