Vulnerabilities > Adaltas

DATE CVE VULNERABILITY TITLE RISK
2021-05-03 CVE-2021-28860 Unspecified vulnerability in Adaltas Mixme
In Node.js mixme, prior to v0.5.1, an attacker can add or alter properties of an object via '__proto__' through the mutate() and merge() functions.
network
low complexity
adaltas
critical
9.1
2021-03-12 CVE-2021-23354 Unspecified vulnerability in Adaltas Printf
The package printf before 0.6.1 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /\%(?:\(([\w_.]+)\)|([1-9]\d*)\$)?([0 +\-\]*)(\*|\d+)?(\.)?(\*|\d+)?[hlL]?([\%bscdeEfFgGioOuxX])/g in lib/printf.js.
network
low complexity
adaltas
7.5