Node.js mixme 安全漏洞

Npm mixme is an application from the American company Npm. It is used to recursively merge multiple objects. The last object takes precedence over previous objects. A security vulnerability exists in Node.js mixme 0.5.0, which can be exploited by an attacker to add or change the properties of an...

PT-2021-17969 · Npm · Node.Js Mixme

Name of the Vulnerable Software and Affected Versions: Node.js mixme versions prior to 0.5.1 Description: The issue allows an attacker to add or alter properties of an object via proto through the mutate and merge functions. The polluted attribute will be directly assigned to every object in the...