Description
All versions of package deepmergefn are vulnerable to Prototype Pollution via deepMerge function.
Remediation
References
https://github.com/jesusgm/deepmergefn/blob/master/index.js%23L6
https://snyk.io/vuln/SNYK-JS-DEEPMERGEFN-1310984
Related Vulnerabilities
CVE-2020-7661 Vulnerability in maven package org.webjars.npm:url-regex
CVE-2022-25881 Vulnerability in npm package http-cache-semantics
CVE-2023-36542 Vulnerability in maven package org.apache.nifi:nifi-hikari-dbcp-service
CVE-2022-23458 Vulnerability in npm package tui-grid
CVE-2020-28426 Vulnerability in npm package kill-process-on-port