A vulnerability classified as problematic has been found in alexbinary object-deep-assign 1.0.11. Affected is the function
extend
of the file /src/index.js. The manipulation leads to improperly controlled modification of object prototype attributes (‘prototype pollution’).
This vulnerability is traded as CVE-2024-36582. Access to the local network is required for this attack. There is no exploit available.