EPSS
Percentile
69.0%
set-in is vulnerable to prototype pollution. An attacker is able to inject malicious property types via setIn method and merge object prototypes into it, resulting in prototype pollution vulnerability.
setIn
github.com/ahdinosaur/set-in/blob/dfc226d95cce8129de6708661e06e0c2c06f3490/index.js%23L5
github.com/ahdinosaur/set-in/commit/6bad255961d379e4b1f5fbc52ef9dc8420816f24