Set and get values on objects via dot-notation strings.
latest non vulnerable version
10 years ago
latest version published
a month ago
Known vulnerabilities in the deep-get-set package. This does not include vulnerabilities belonging to this package’s dependencies.Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
deep-get-set is a Set and get values on objects via dot-notation strings.
Affected versions of this package are vulnerable to Prototype Pollution via the 'deep' function.
Note: This vulnerability derives from an incomplete fix of CVE-2020-7715
How to fix Prototype Pollution?