Description
The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-28272](https://security.snyk.io/vuln/SNYK-JS-KEYGET-1048048)
Remediation
References
https://snyk.io/vuln/SNYK-JS-KEYGET-2342624
Related Vulnerabilities
CVE-2023-30537 Vulnerability in maven package org.xwiki.platform:xwiki-platform-flamingo-theme-ui
CVE-2019-9737 Vulnerability in maven package org.webjars.npm:editor.md
CVE-2020-28496 Vulnerability in maven package org.webjars.npm:three
CVE-2021-29451 Vulnerability in maven package com.manydesigns:portofino-core
CVE-2021-41246 Vulnerability in npm package express-openid-connect