dustjs-linkedin is vulnerable to prototype pollution. The vulnerability exists because prototype attributes are not properly validated which allows an attacker to inject malicious characteristics to add new properties to a JavaScript application object prototype, overwriting or contaminating the base object.
github.com/advisories/GHSA-c6rp-wrp9-qr4q
github.com/linkedin/dustjs/commit/ddb6523832465d38c9d80189e9de60519ac307c3
github.com/linkedin/dustjs/issues/804
github.com/linkedin/dustjs/pull/805
github.com/linkedin/dustjs/releases/tag/v3.0.0
github.com/linkedin/dustjs/releases/tag/v3.0.1
vuldb.com/?ctiid.216464
vuldb.com/?id.216464