Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:npm/mixin-deep@1.3.2
purl pkg:npm/mixin-deep@1.3.2
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-75cr-t5b7-67d8 Prototype Pollution in mixin-deep Versions of `mixin-deep` prior to 2.0.1 or 1.3.2 are vulnerable to Prototype Pollution. The `mixinDeep` function fails to validate which Object properties it updates. This allows attackers to modify the prototype of Object, causing the addition or modification of an existing property on all objects. ## Recommendation If you are using `mixin-deep` 2.x, upgrade to version 2.0.1 or later. If you are using `mixin-deep` 1.x, upgrade to version 1.3.2 or later. CVE-2019-10746
GHSA-fhjf-83wg-r2j9

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T20:56:55.297511+00:00 GitLab Importer Fixing VCID-75cr-t5b7-67d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/mixin-deep/CVE-2019-10746.yml 38.4.0
2026-04-11T22:07:56.749243+00:00 GitLab Importer Fixing VCID-75cr-t5b7-67d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/mixin-deep/CVE-2019-10746.yml 38.3.0
2026-04-02T22:20:41.595129+00:00 GitLab Importer Fixing VCID-75cr-t5b7-67d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/mixin-deep/CVE-2019-10746.yml 38.1.0
2026-04-01T16:38:27.760069+00:00 GitLab Importer Fixing VCID-75cr-t5b7-67d8 https://gitlab.com/gitlab-org/advisories-community/-/blob/main/npm/mixin-deep/CVE-2019-10746.yml 38.0.0
2026-04-01T15:57:39.555494+00:00 GHSA Importer Fixing VCID-75cr-t5b7-67d8 https://github.com/advisories/GHSA-fhjf-83wg-r2j9 38.0.0
2026-04-01T13:04:27.708728+00:00 GithubOSV Importer Fixing VCID-75cr-t5b7-67d8 https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2019/08/GHSA-fhjf-83wg-r2j9/GHSA-fhjf-83wg-r2j9.json 38.0.0