set-value is vulnerable to Prototype Pollution in versions lower than 3.0.1. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using any of the constructor, prototype and _proto_ payloads.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
set-value project set-value |