A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.
[
{
"vendor": "npm",
"product": "cached-path-relative",
"versions": [
{
"version": "<=1.0.1",
"status": "affected"
}
]
}
]