jonschlinkert/defaults-deep

Releases4

Frequency10 months 3 weeks

Last Release over 8 years ago

Stars25

Like `extend` but recursively copies only the missing properties/values to the target object.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-3723 ↗	Jun 7, 2018Thursday, 7 June 2018, 02:29	—	6.5 MEDIUM
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.