merge-options is vulnerable to prototype pollution attacks. The vulnerability exists in the utility function where the prototype of Object
can be overwritten to add or modify existing property on all objects.
CPE | Name | Operator | Version |
---|---|---|---|
merge-options | le | 1.0.0 |