Rebeccastevens

**Name of the Vulnerable Software and Affected Versions** deepmerge-ts versions prior to 4.0.2 **Description** The issue is related to Prototype Pollution in the deepmerge-ts library, which provides functionality for deep merging of JavaScript objects. This pollution occurs via the file deepmerge.ts, specifically in the function defaultMergeRecords(). There are no known workarounds for this issue. **Recommendations** For versions prior to 4.0.2, update to version 4.0.2 to resolve the issue. As a temporary workaround, consider restricting the use of the defaultMergeRecords() function until the update is applied.