npm›confucious›CVE-2020-77149.8 CRITICALImproper Input ValidationThe confucious package is vulnerable to Prototype Pollution via the set function.