GHSA-cqp5-m4pq-gfgp
GitHub Security Advisory
Prototype Pollution in defaults-deep
✓ GitHub Reviewed
HIGH
Has CVE
Advisory Details
Versions of `default-deep` before 0.2.4 are vulnerable to prototype pollution
## Recommendation
Update to version 0.2.4 or later.
Affected Packages
npm
defaults-deep
Affected versions:
0
(fixed in 0.2.4)
Related CVEs
Key Information
7.5
/10
Dataset
Last updated: November 24, 2025 6:29 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.