@graphql-tools/merge
Releases1.49K
Frequency1 day 12 hours
Last Release
A set of utils for faster development of GraphQL tools
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| all versions | 5.6 MEDIUM | — | ||
All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead. | ||||
| < 1.0.2 | 9.8 CRITICAL | 7.5 HIGH | ||
merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') | ||||
| < 2.1.1 | 7.3 HIGH | 7.5 HIGH | ||
All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge . | ||||