All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
CVSS Metrics
