N/A

mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.

N/A

对假设不可变数据的修改(MAID)

mixin-deep 安全漏洞

mixin-deep是一个软件包。 mixin-deep 1.3.1之前版本中存在安全漏洞。攻击者可借助__proto__修改‘Object’原型利用该漏洞造成拒绝服务（崩溃或返回500错误）并可能执行代码。

N/A

N/A