Description
All versions of package config-handler are vulnerable to Prototype Pollution when loading config files.
Remediation
References
https://github.com/jarradseers/config-handler/issues/1
https://snyk.io/vuln/SNYK-JS-CONFIGHANDLER-1564947
Related Vulnerabilities
CVE-2023-27562 Vulnerability in npm package n8n
CVE-2021-22964 Vulnerability in npm package fastify-static
CVE-2019-10793 Vulnerability in maven package org.webjars.bower:dot-object
CVE-2021-27515 Vulnerability in maven package org.webjars.npm:url-parse
CVE-2023-45135 Vulnerability in maven package org.xwiki.platform:xwiki-platform-web-war