The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.
{ "github_reviewed_at": "2021-04-22T22:35:49Z", "cwe_ids": [ "CWE-1321" ], "severity": "HIGH", "nvd_published_at": "2020-10-02T10:15:00Z", "github_reviewed": true }