VYPR
Critical severityGHSA Advisory· Published Aug 11, 2021· Updated Sep 17, 2024

Prototype Pollution

CVE-2021-23421

Description

All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
merge-changenpm
<= 1.8.1

Affected products

2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.