Snyk Vulnerability Database

The leading database for open source vulnerabilities and cloud misconfigurations.

Embedded Malicious Code

Affecting @lottiefiles/lottie-player package, versions >=2.0.5 <2.0.8

How to fix?

Avoid using all malicious instances of the @lottiefiles/lottie-player package.

0.0
critical
0
10
0.0
0
10

Recent vulnerabilities disclosed by Snyk

We’ve disclosed
3364
vulnerabilities

by Snyk Security
Researchers

About Snyk

Snyk is a developer security platform. Integrating directly into development tools, workflows, and automation pipelines, Snyk makes it easy for teams to find, prioritize, and fix security vulnerabilities in code, dependencies, containers, and infrastructure as code. Supported by industry-leading application and security intelligence, Snyk puts security expertise in any developer's toolkit.

A shield with a tick icon inside, symbolising security