CVE-2021-25952
npm/just-safe-set
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Prototype pollution vulnerability in ‘just-safe-set’ allows an attacker to cause a denial of service and may lead to remote code execution.
All versions starting from 1.0.0 up to 2.2.1
Upgrade to version 2.2.2 or above.
2021-07-12
source |