Versions of just-extend
before 4.0.0 are vulnerable to prototype pollution. Provided certain input just-extend
can add or modify properties of the Object
prototype. These properties will be present on all objects.
Update to version 4.0.0
or later.