All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function.