jonschlinkert/mixin-deep

Releases10

Frequency5 months 2 weeks

Last Release almost 7 years ago

Stars80

Deeply mix the properties of objects into the first object, while also mixing-in child objects.

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2018-3719 ↗	Jun 7, 2018Thursday, 7 June 2018, 02:29	8.8 HIGH	6.5 MEDIUM
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.