Geta/NestedObjectAssign on GitHub
CVE History
CVE | Published | CVSS v2 | CVSS v3 |
---|---|---|---|
CVE-2021-23329 | 7.5 HIGH | 5 MEDIUM | |
The package nested-object-assign before 1.0.4 are vulnerable to Prototype Pollution via the default function, as demonstrated by running the PoC below. |