Set nested values on an object using a dot path or custom separator
latest non vulnerable version
5 years ago
latest version published
a year ago
Known vulnerabilities in the @strikeentco/set package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Affected versions of this package are vulnerable to Prototype Pollution. It allows an attacker to cause a denial of service and may lead to remote code execution.
Note: This vulnerability derives from an incomplete fix in https://security.snyk.io/vuln/SNYK-JS-STRIKEENTCOSET-1038821
How to fix Prototype Pollution?