0.003 Low
EPSS
Percentile
65.9%
immer is vulnerable prototype pollution. The vulnerability was introduced by the fix provided for CVE-2020-28477 which allows insecure modification of Object Prototype Attributes.
github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237
huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa