Описание
@ianwalter/merge Prototype Pollution via merge function
All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. @ianwalter/merge is deprecated and the maintainer suggests using @generates/merger instead.
Пакеты
Наименование
@ianwalter/merge
npm
Затронутые версииВерсия исправления
<= 9.0.1
Отсутствует
Связанные уязвимости
CVSS3: 5.6
nvd
больше 3 лет назад
All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead.