[ion-parser] ion-parser Prototype Pollution when malicious INI file submitted to application that parses with `parse`

This affects all versions of package ion-parser. If an attacker submits a malicious INI file to an application that parses it with parse , they will pollute the prototype on the application. This can be exploited further depending on the context.

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-28462
• https://security.snyk.io/vuln/SNYK-JS-IONPARSER-1048971
• https://github.com/advisories/GHSA-7vrv-5m2h-rjw9