Improper Input Validation
Prototype pollution vulnerability in json8-merge-patch npm package may allow attackers to inject or modify methods and properties of the global object constructor.
Advisories for Npm/Json8-Merge-Patch package
2020
Prototype pollution vulnerability in json8-merge-patch npm package may allow attackers to inject or modify methods and properties of the global object constructor.