0.007 Low
EPSS
Percentile
81.0%
deep-defaults is vulnerable to prototype pollution. The vulnerability exists as it is possible to overwrite Object.prototype with arbitrary object properties in the _deepDefaults () function.
Object.prototype
_deepDefaults ()
github.com/d5/deep-defaults/commit/5d34c45974005dc674f9fd34617e721f4dd23feb#diff-92bbac9a308cd5fcf9db165841f2d90ce981baddcb2b1e26cfff170929af3bd1R11
www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25944