Description
All versions of package config-handler are vulnerable to Prototype Pollution when loading config files.
Remediation
References
https://github.com/jarradseers/config-handler/issues/1
https://snyk.io/vuln/SNYK-JS-CONFIGHANDLER-1564947
Related Vulnerabilities
CVE-2021-21165 Vulnerability in maven package org.webjars.npm:electron
CVE-2018-3721 Vulnerability in maven package org.webjars.npm:lodash.merge
CVE-2022-27202 Vulnerability in maven package org.jenkins-ci.plugins:extended-choice-parameter
CVE-2021-40865 Vulnerability in maven package org.apache.storm:storm-server
CVE-2023-3432 Vulnerability in maven package net.sourceforge.plantuml:plantuml