Summary: All versions of package merge are vulnerable to Prototype Pollution via _recursiveMerge .Published: Thursday, February 18, 2021 - 16:15cvss: 5.0