CVE-2022-37257: steal vulnerable to Prototype Pollution via requestedVersion variable

Severity: Critical

CVSS Score: 9.8

Prototype pollution vulnerability in function convertLater in npm-convert.js in stealjs steal 2.2.4 via the requestedVersion variable in npm-convert.js.