0.004 Low
EPSS
Percentile
74.9%
immer is vulnerable to prototype pollution. An attacker is able to exploit the vulnerability to inject arbitrary properties into existing construct prototypes and modify attributes such as __proto__, constructor and prototype.
__proto__
constructor
prototype
github.com/immerjs/immer/commit/da2bd4fa0edc9335543089fe7d290d6a346c40c5
github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237