GMS-2019-120: Prototype Pollution in deap

May 31, 2019 (updated August 4, 2021)

Versions of deap before 1.0.1 are vulnerable to prototype pollution.

Recommendation

Update to version 1.0.1 or later.

References

github.com/advisories/GHSA-xrmp-99wj-p6jc
hackerone.com/reports/310446
nodesecurity.io/advisories/611
snyk.io/vuln/npm:deap:20180415
www.npmjs.com/advisories/611

Detect and mitigate GMS-2019-120 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →