The package grpc before 1.24.4; the package @grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.
{ "versions": [ { "introduced": "0" }, { "fixed": "1.24.2" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-7768.json"
[ { "events": [ { "introduced": "0" }, { "fixed": "1.1.8" } ] } ]