Typescript Deep Merge Project CVE - CVE Search - CVE Details

Filtered by vendor Typescript Deep Merge Project Subscribe

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-25907	1 Typescript Deep Merge Project	1 Typescript Deep Merge	2022-08-12	N/A	9.8 CRITICAL
The package ts-deepmerge before 2.0.2 are vulnerable to Prototype Pollution due to missing sanitization of the merge function.

Vulnerabilities (CVE)