Description
This affects all versions of package mout. The deepFillIn function can be used to ‘fill missing properties recursively’, while the deepMixIn mixes objects into the target object, recursively mixing existing child objects as well.
Recommendation
Update the mout package to the latest compatible version. Followings are version details:
- Affected version(s): <= 1.2.3
- Patched version(s): 1.2.4
References
Related Issues
- steal vulnerable to Prototype Pollution via requestedVersion variable - CVE-2022-37257
- steal vulnerable to Prototype Pollution via optionName variable - CVE-2022-37264
- steal vulnerable to Prototype Pollution - CVE-2022-37258
- steal vulnerable to Prototype Pollution via alias variable - CVE-2022-37265
- Tags:
- npm
- mout
Anything's wrong? Let us know Last updated on January 30, 2023