PT-2022-11297 · Npm · Assign-Deep

Published 2022-06-30 · Updated 2022-09-09 · CVE-2021-40663

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

deep.assign npm package version 0.0.0-alpha.0

Description

The issue is an Improperly Controlled Modification of Object Prototype Attributes, also known as 'Prototype Pollution'. It occurs when an application does not properly control modifications to object prototype attributes, allowing an attacker to manipulate the prototype chain. No information is provided about the estimated number of potentially affected devices worldwide or about real-world incidents in which this issue was exploited.

Recommendations

For deep.assign npm package version 0.0.0-alpha.0, there is currently no information about a newer version that contains a fix for this vulnerability.
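
As an added example (not code from the deep.assign package or from this advisory), the following sketch shows the kind of guard a recursive assign needs against the weakness class described above, together with a regression check. The names `safeDeepAssign`, `BLOCKED_KEYS` and `runConstructedCheck` are hypothetical, and the JSON inputs are constructed for the check.

```javascript
// Hypothetical hardened recursive assign; not the deep.assign package's code.
const BLOCKED_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Only objects created by {} / Object.create(null) / JSON.parse are merged recursively.
function isPlainObject(value) {
  if (value === null || typeof value !== "object") return false;
  const proto = Object.getPrototypeOf(value);
  return proto === Object.prototype || proto === null;
}

function safeDeepAssign(target, ...sources) {
  for (const source of sources) {
    if (!isPlainObject(source)) continue;
    // Object.keys returns own enumerable keys only, including an own "__proto__"
    // key such as the one JSON.parse creates.
    for (const key of Object.keys(source)) {
      if (BLOCKED_KEYS.has(key)) continue; // never write through prototype-related keys
      const value = source[key];
      if (isPlainObject(value)) {
        // Recurse only into the target's OWN property, never an inherited one.
        const own = Object.prototype.hasOwnProperty.call(target, key)
          ? target[key]
          : undefined;
        target[key] = safeDeepAssign(isPlainObject(own) ? own : {}, value);
      } else {
        target[key] = value; // primitives, arrays and class instances are copied by reference
      }
    }
  }
  return target;
}

// Regression check on constructed input: merge untrusted JSON, then confirm
// that a fresh object did not inherit the injected property.
function runConstructedCheck() {
  const untrustedTopLevel = JSON.parse(
    '{"settings":{"theme":"dark"},"__proto__":{"isAdmin":true}}'
  );
  const untrustedNested = JSON.parse(
    '{"settings":{"constructor":{"prototype":{"isAdmin":true}}}}'
  );
  const merged = safeDeepAssign(
    { settings: { lang: "en" } },
    untrustedTopLevel,
    untrustedNested
  );
  return { merged, polluted: "isAdmin" in {} };
}
```

A check like `runConstructedCheck` can be kept in a test suite for any in-house merge helper used in place of an unfixed dependency.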

Exploit

Prototype Pollution

Weakness Enumeration

Related Identifiers

CVE-2021-40663
GHSA-3829-MGMW-JCG4

Affected Products

Assign-Deep