mixin-deep is vulnerable to Prototype Pollution in versions prior to 1.3.2 and version 2.0.0. The function mixin-deep could be tricked into adding or modifying properties of Object.prototype using a constructor payload.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mixin-deep project mixin-deep |
||
mixin-deep project mixin-deep 2.0.0 |
||
fedoraproject fedora 30 |
||
fedoraproject fedora 31 |
||
oracle communications cloud native core network function cloud native environment 1.4.0 |