Description
This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well.
Recommendation
Update the mout package to the latest compatible version. Followings are version details:
- Affected version(s): <= 1.2.3
- Patched version(s): 1.2.4
References
Related Issues
- Grunt-karma vulnerable to prototype pollution - CVE-2022-37602
- Parse Server vulnerable to Prototype Pollution via Cloud Code Webhooks or Cloud Code Triggers - CVE-2022-41878
- Parse Server is vulnerable to Prototype Pollution via Cloud Code Webhooks - CVE-2022-41879
- Remote code execution via MongoDB BSON parser through prototype pollution - CVE-2022-39396
You might also like:
- Tags:
- npm
- mout
Anything's wrong? Let us know Last updated on January 30, 2023


