aleung
commented
3 years ago There is PR #76 but not being merged after months.
Closed sruthy-s-rft closed 2 years ago
aleung
commented
3 years ago There is PR #76 but not being merged after months.
chbrown
commented
2 years ago Uggh okay fine, fixed in v5.0.0 just now.
As per veracode scans, this library is subject to prototype pollution. https://sca.analysiscenter.veracode.com/vulnerability-database/security/sca/vulnerability/sid-28898/summary
Is there a plan to fix this in the upcoming release.