CVE-2021-23433
npm/algoliasearch-helper
Improperly Controlled Modification of Dynamically-Determined Object Attributes
The package algoliasearch-helper is vulnerable to Prototype Pollution due to use of the merge function.
All versions before 3.6.2
Upgrade to version 3.6.2 or above.
2021-11-24
source |