CVE-2021-23397

Prototype pollution in @ianwalter/merge in npm/@ianwalter/merge

Identifiers

GHSA-42m6-g935-5vmq, CVE-2021-23397

Package Slug

npm/@ianwalter/merge

Vulnerability

Prototype pollution in @ianwalter/merge

Description

All versions of package @ianwalter/merge is vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead.

Affected Versions

All versions up to 9.0.1

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-07-27

source