CVE-2022-25907

Published
View on NVD ↗
CVSS v3
7.5
HIGH
CVSS v2
N/A
Affected
1
PROJECT

Description

The package ts-deepmerge before 2.0.2 are vulnerable to Prototype Pollution due to missing sanitization of the merge function.

voodoocreation/ts-deepmerge
voodoocreation/ts-deepmerge
A TypeScript deep merge function with automatically inferred types.
GitHubGitHub
146