HIGH 7.5
GHSA-pfv6-prqm-85q8
Prototype Pollution in madlib-object-utils
Details
The package madlib-object-utils before version 0.1.8 is vulnerable to Prototype Pollution via the `setValue` method, as it allows an attacker to merge object prototypes into it. *Note:* This vulnerability derives from an incomplete fix of [CVE-2020-7701](https://security.snyk.io/vuln/SNYK-JS-MADLIBOBJECTUTILS-598676)
Are you affected?
Enter the version of the package you're using.
Affected packages
npm / madlib-object-utils
Introduced in:
0 Fixed in: 0.1.8 Fix
npm install madlib-object-utils@0.1.8