Description
All versions of component-flatten are vulnerable to Prototype Pollution. The a function could be tricked into adding or modifying properties of Object.prototype using a __proto__ payload.
Remediation
References
https://snyk.io/vuln/SNYK-JS-COMPONENTFLATTEN-548907
Related Vulnerabilities
CVE-2020-15231 Vulnerability in maven package org.mapfish.print:print-servlet
CVE-2018-8014 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2022-36537 Vulnerability in maven package org.zkoss.zk:zk
CVE-2023-47320 Vulnerability in maven package org.silverpeas.core:silverpeas-core-war
CVE-2021-37404 Vulnerability in maven package org.apache.hadoop:hadoop-hdfs-native-client