PT-2020-19735 · Npm · Arr-Flatten-Unflatten

Nerdjs · Published 2020-09-01 · Updated 2022-12-02 · CVE-2020-7713

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

arr-flatten-unflatten versions up to and including 1.1.4

Description

The issue concerns Prototype Pollution via the constructor. This means that an attacker could potentially manipulate the prototype of an object, leading to unintended behavior or security breaches.

Recommendations

For versions up to and including 1.1.4, consider avoiding the use of the vulnerable constructor until a patch is available. As a temporary workaround, restrict the use of the arr-flatten-unflatten package to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Prototype Pollution

Weakness Enumeration

Related Identifiers

CVE-2020-7713
GHSA-W8F3-PVX4-4C3H

Affected Products

Arr-Flatten-Unflatten