Improper Control of Dynamically-Managed Code Resources
All versions of package config-handler is vulnerable to Prototype Pollution when loading config files.
Advisories for Npm/Config-Handler package
2021
All versions of package config-handler is vulnerable to Prototype Pollution when loading config files.