MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLTk5MmYtd2Y0dy14MzZ2

Low

Permalink JSON

Prototype Pollution in merge-objects

Affected Packages	Affected Versions	Fixed Versions
npm:merge-objects PURL: `pkg:npm/merge-objects`	>= 0.0.0	No known fixed version
10 Dependent packages 42 Dependent repositories 763 Downloads last month Affected Version Ranges All affected versions 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5

All versions of merge-objects are vulnerable to Prototype Pollution.

No fix is available for this vulnerability at this time. It is our recommendation to use an alternative package.

References: