Known CVE vulnerabilities and GitHub Security Advisories affecting the npm package mixme, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-28860 — CVSS 9.1 (critical): In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge()…
CVE-2021-29491: Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-28860. Reason: This candidate is a reservation duplicate of…