Yohannslm

PT-2026-26465 · CVSS 9.8 · 2026-03-19 · Flatted · CVE-2026-33228
**Name of the Vulnerable Software and Affected Versions**

flatted versions prior to 3.4.2

**Description**

flatted is a circular JSON parser. The `parse()` function does not validate that string values from the parsed JSON used as array index keys are numeric. This allows attacker-controlled strings, such as `__proto__`, to be used as keys, accessing `Array.prototype` via the inherited getter. This prototype is then treated as a parsed value and assigned to the output object, leaking a live reference to `Array.prototype` to the consumer. Subsequent writes to this property can pollute the global prototype chain. The issue resides in the `esm/index.js` file, specifically within the `resolver` function, where the `input` array is accessed using a potentially unsafe key `value`. The vulnerable code does not ensure that `value` is a valid numeric index before accessing the `input` array. This can lead to denial of service or code execution.

**Recommendations**

versions prior to 3.4.2: Upgrade to version 3.4.2 or later to resolve this issue.
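The following is an added example, not flatted's own code: a simplified model of the index lookup described above, showing why an unchecked string key reaches `Array.prototype` and what a hardened lookup that only accepts canonical numeric indices looks like. The function names (`isArrayIndex`, `lookupUnsafe`, `lookupSafe`) and the sample input array are constructed for illustration.

```javascript
// Added example (not flatted's code): model of the unchecked array lookup
// from the advisory, next to a hardened version that validates the key.

// A real JS array index is a canonical decimal string for an integer in
// the range 0 .. 2^32-2. Anything else is an ordinary property name.
function isArrayIndex(key) {
  if (typeof key !== 'string') return false;
  if (!/^(0|[1-9][0-9]*)$/.test(key)) return false; // no "01", "-1", " 1"
  const n = Number(key);
  return Number.isSafeInteger(n) && n < 0xFFFFFFFF;
}

// Unsafe: mirrors the defect. Any string goes straight to the property
// lookup, so an inherited name such as "__proto__" resolves to
// Array.prototype instead of an element of the parsed input.
function lookupUnsafe(input, key) {
  return input[key];
}

// Hardened: reject non-numeric keys before touching the array, and keep
// numeric keys inside the array's bounds.
function lookupSafe(input, key) {
  if (!isArrayIndex(key)) {
    throw new TypeError(`invalid array index key: ${JSON.stringify(key)}`);
  }
  const n = Number(key);
  if (n >= input.length) {
    throw new RangeError(`index ${n} out of range`);
  }
  return input[n];
}

// Constructed sample shaped like a parsed flatted top-level array: values
// refer to other entries by their stringified index.
const sampleInput = [{ a: '1', b: '2' }, 'hello', { c: '0' }];

// Regression check: does this lookup hand back Array.prototype for a
// non-numeric key? A hardened lookup must answer false.
function leaksPrototype(lookup) {
  try {
    return lookup(sampleInput, '__proto__') === Array.prototype;
  } catch (e) {
    return false; // rejected key, nothing leaked
  }
}
```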