CVE-2021-23397 Information

Description

All versions of package @ianwalter/merge are vulnerable to Prototype Pollution via the main (merge) function. Maintainer suggests using @generates/merger instead.

Reference

https://security.snyk.io/vuln/SNYK-JS-IANWALTERMERGE-1311022