1 results (0.004 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-25907 – Prototype Pollution
https://notcve.org/view.php?id=CVE-2022-25907
The package ts-deepmerge before 2.0.2 are vulnerable to Prototype Pollution due to missing sanitization of the merge function. El paquete ts-deepmerge versiones anteriores a 2.0.2, es vulnerable a una contaminación de prototipos debido a una falta de saneo de la función merge • https://github.com/voodoocreation/ts-deepmerge/commit/9be5148773343c57be9de39728d6ead18eddf10b https://github.com/voodoocreation/ts-deepmerge/releases/tag/2.0.2 https://security.snyk.io/vuln/SNYK-JS-TSDEEPMERGE-2959975 • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •