CVE-2021-25953
npm/putil-merge
Prototype Pollution
Prototype pollution vulnerability in 'putil-merge' allows attacker to cause a denial of service and may lead to remote code execution.
All versions starting from 1.0.0 up to 3.6.6
Upgrade to version 3.7.0 or above.
2021-07-16
source |