VYPR

npm package

nested-object-assign

pkg:npm/nested-object-assign

Vulnerabilities (1)

  • CVE-2021-23329Jan 31, 2021
    affected < 1.0.4fixed 1.0.4

    The package nested-object-assign before 1.0.4 are vulnerable to Prototype Pollution via the default function, as demonstrated by running the PoC below.