Ubuntu Security Notice 6758-1 - It was discovered that the JSON5 parse method incorrectly handled the parsing of keys named __proto__. An attacker could possibly use this issue to pollute the prototype of the returned object, setting arbitrary or unexpected keys, and cause a denial of service, allow unintended access to network services or have other unspecified impact, depending on the application's use of the module. Continue reading...
