All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn and the set functions. This is an incomplete fix of [CVE-2020-28442](snyk.io/vuln/SNYK-JS-JSDATA-1023655).
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
js-data js-data |