Description
The package keyget from 0.0.0 are vulnerable to Prototype Pollution via the methods set, push, and at which could allow an attacker to cause a denial of service and may lead to remote code execution. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-28272](https://security.snyk.io/vuln/SNYK-JS-KEYGET-1048048)
Remediation
References
https://snyk.io/vuln/SNYK-JS-KEYGET-2342624
Related Vulnerabilities
CVE-2020-14060 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2017-16211 Vulnerability in npm package lessindex
CVE-2023-40812 Vulnerability in maven package org.opencrx:opencrx-core-models
CVE-2022-1365 Vulnerability in npm package cross-fetch
CVE-2020-28500 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash