Description
This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well.
Recommendation
Update the mout package to the latest compatible version. Followings are version details:
- Affected version(s): <= 1.2.3
- Patched version(s): 1.2.4
References
Related Issues
- thlorenz browserify-shim vulnerable to prototype pollution (GHSA-cfgr-75jx-h88g) - CVE-2022-37623
- steal vulnerable to Prototype Pollution via alias variable - CVE-2022-37265
- Prototype Pollution in Dexie - CVE-2022-21189
- steal vulnerable to Prototype Pollution via requestedVersion variable - CVE-2022-37257
- Tags:
- npm
- mout
Anything's wrong? Let us know Last updated on January 30, 2023