dot-object 0.6.0
1 security vulnerability
found in version
0.6.0
Prototype Pollution in dot-object
medium severity CVE-2019-10793
medium severity
CVE-2019-10793
Affected versions:
< 2.1.3
dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set function could be tricked into adding or modifying properties of Object.prototype using a proto payload.
Author did not declare license for this package in the source code.
This package version has a MIT license in the source code, however it was not declared in the source code.
This package version is available.
This package version has not been yanked and is still available for usage.