Vulnerabilities > Merge Project > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-25 CVE-2021-23397 Unspecified vulnerability in Merge Project Merge
All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function.
network
low complexity
merge-project
critical
 9.8
9.8
2021-09-10 CVE-2021-3645 Unspecified vulnerability in Merge Project Merge 1.0.0
merge is vulnerable to Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
network
low complexity
merge-project
critical
 9.8
9.8
2021-02-18 CVE-2020-28499 Unspecified vulnerability in Merge Project Merge
All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .
network
low complexity
merge-project
critical
 9.8
9.8