VDB
KO
HIGH 7.5

GHSA-c497-v8pv-ch6x

Prototype pollution in nested-object-assign

Details

The package nested-object-assign before 1.0.4 is vulnerable to Prototype Pollution via the default function.

Are you affected?

Enter the version of the package you're using.

Affected packages

npm / nested-object-assign
Introduced in: 0 Fixed in: 1.0.4
Fix npm install nested-object-assign@1.0.4

References