Lodash Vulnerability - CVE-2018-3721

lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep merge and mergeWith functions which allows a malicious user to modify the prototype of quotObjectquot via __proto__ causing the addition or modification of an existing property that will exist on all objects.