CVE-2021-23574
npm/js-data
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
All versions of package js-data is vulnerable to Prototype Pollution via the deepFillIn and the set functions.
All versions before 3.0.11
Upgrade to version 3.0.11 or above.
2022-01-13
source |