Description
All versions of package merge-deep2 are vulnerable to Prototype Pollution via the mergeDeep() function.
Remediation
References
https://snyk.io/vuln/SNYK-JS-MERGEDEEP2-1727593
Related Vulnerabilities
CVE-2018-3716 Vulnerability in npm package simplehttpserver
CVE-2021-21430 Vulnerability in maven package org.openapitools:openapi-generator-project
CVE-2017-16226 Vulnerability in maven package org.webjars.npm:static-eval
CVE-2021-31805 Vulnerability in maven package org.apache.struts:struts2-core
CVE-2023-40341 Vulnerability in maven package io.jenkins.blueocean:blueocean