CVE-2020-28499

Prototype Pollution in merge

Description

All versions of package merge <2.1.1 are vulnerable to Prototype Pollution via _recursiveMerge .

Patch Available

Fix available through Seal Security.  
No upgrade required, protect your application instantly.

Fix without upgrading

Score

Severity

Ecosystem

JavaScript

Publish Date

May 4, 2021

Modified Date

January 14, 2025

Score Vector

Affected Versions