Description
All versions of the package flatnest are vulnerable to Prototype Pollution via the nest() function in the flatnest/nest.js file.
Remediation
References
https://github.com/brycebaril/node-flatnest/blob/b7d97ec64a04632378db87fcf3577bd51ac3ee39/nest.js%23L43
https://github.com/brycebaril/node-flatnest/commit/27d569baf9d9d25677640edeaf2d13af165868d6
https://github.com/brycebaril/node-flatnest/issues/4
https://security.snyk.io/vuln/SNYK-JS-FLATNEST-3185149
Related Vulnerabilities
CVE-2023-26479 Vulnerability in maven package org.xwiki.platform:xwiki-platform-rendering-parser
CVE-2022-25898 Vulnerability in maven package org.webjars.bower:jsrsasign
CVE-2021-29445 Vulnerability in npm package jose-node-esm-runtime
CVE-2022-23944 Vulnerability in maven package org.apache.shenyu:shenyu-common
CVE-2021-39167 Vulnerability in npm package @openzeppelin/contracts