Advisories for Npm/Dotty package

This affects the package dotty A type confusion vulnerability can lead to a bypass of CVE-2021-25912 when the user-provided keys used in the path parameter are arrays.

Prototype pollution vulnerability in dotty allows attackers to cause a denial of service and may lead to remote code execution.