These efforts have resulted in the discovery of multiple prototype pollution attacks in more and more JavaScript libraries, such as Mongoose, lodash.merge, node.extend, deep-extend, and HAPI--some ...