CVE-2022-24802

Publication date

2022-03-31 23:15:15

Family

GitHub_M

State

PUBLISHED

Description

deepmerge-ts is a typescript library providing functionality to deep merging of javascript objects. deepmerge-ts is vulnerable to Prototype Pollution via file deepmerge.ts, function defaultMergeRecords(). This issue has been patched in version 4.0.2. There are no known workarounds for this issue.