Severity: Critical
CVSS Score: 7.3
The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.