P. Adithya Srinivas

**Name of the Vulnerable Software and Affected Versions** sds versions 0.0.0 and later **Description** The issue allows the library to be tricked into adding or modifying properties of the Object.prototype. This is achieved by abusing the `set` function located in `js/set.js`. **Recommendations** For sds version 0.0.0, consider restricting access to the `set` function in `js/set.js` to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** bodymen versions 0.0.0 and later **Description** The issue allows for Prototype Pollution via the `handler` function, which can be tricked into adding or modifying properties of `Object.prototype` using a ` proto ` payload. **Recommendations** For bodymen versions 0.0.0 and later, at the moment, there is no information about a newer version that contains a fix for this vulnerability.