Description
The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-28272](https://security.snyk.io/vuln/SNYK-JS-KEYGET-1048048)
Remediation
References
https://snyk.io/vuln/SNYK-JS-KEYGET-2342624
Related Vulnerabilities
CVE-2022-41940 Vulnerability in npm package engine.io
CVE-2023-0410 Vulnerability in npm package @builder.io/qwik
CVE-2023-30363 Vulnerability in npm package vconsole
CVE-2022-2596 Vulnerability in maven package org.webjars.npm:node-fetch
CVE-2019-16869 Vulnerability in maven package org.jboss.netty:netty