Affected versions of the package are vulnerable to Arbitrary Code Injection due to unsafe use of the
eval() function. Node.js provides the
mixin-pro to version 0.6.7 or higher.
- Cristian-Alexandru Staicu, Michael Pradel, Ben Livshits
- Snyk ID
- 07 Apr, 2016
- 01 May, 2017