prism | Snyk

Direct Vulnerabilities

Known vulnerabilities in the prism package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L GHSA-q3j6-qgpj-74h6	<5.15.10-r0
L CVE-2026-6321	<5.15.10-r0
L GHSA-m7pr-hjqh-92cm	<5.15.10-r0
L GHSA-6chq-wfr3-2hj9	<5.15.10-r0
C Improperly Controlled Modification of Dynamically-Determined Object Attributes	<5.15.10-r0
L GHSA-xx6v-rp6x-q39c	<5.15.10-r0
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.15.10-r0
L GHSA-w9j2-pvgh-6h63	<5.15.10-r0
L GHSA-62hf-57xw-28j9	<5.15.10-r0
L GHSA-5c9x-8gcm-mpgx	<5.15.10-r0
L GHSA-q8qp-cvcw-x6jj	<5.15.10-r0
C Permissive Whitelist	<5.15.10-r0
L GHSA-3w6x-2g7m-8v23	<5.15.10-r0
L GHSA-445q-vr5w-6q77	<5.15.10-r0
L GHSA-gh4j-gqv2-49f6	<5.15.10-r0
H Server-Side Request Forgery (SSRF)	<5.15.10-r0
L Permissive Whitelist	<5.15.10-r0
L Improper Encoding or Escaping of Output	<5.15.10-r0
L Cross-site Scripting (XSS)	<5.15.10-r0
M Improper Authentication	<5.15.10-r0
L CRLF Injection	<5.15.10-r0
L GHSA-vf2m-468p-8v99	<5.15.10-r0
L GHSA-v2v4-37r5-5v8g	<5.15.10-r0
L GHSA-pf86-5x62-jrwf	<5.15.10-r0
L GHSA-pmwg-cvhr-8vh7	<5.15.10-r0
L XML Injection	<5.15.10-r0
H Uncontrolled Recursion	<5.15.10-r0
L Allocation of Resources Without Limits or Throttling	<5.15.10-r0
L HTTP Response Splitting	<5.15.10-r0
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.15.10-r0
L GHSA-xhjh-pmcv-23jw	<5.15.10-r0
L Allocation of Resources Without Limits or Throttling	<5.15.10-r0
L GHSA-w5hq-g745-h8pq	<5.15.9-r0
H Out-of-bounds Write	<5.15.9-r0
L GHSA-r4q5-vmmm-2653	<5.15.7-r0
C CVE-2026-4800	<5.15.6-r2
L GHSA-3p68-rc4w-qgx5	<5.15.6-r2
M CVE-2026-2950	<5.15.6-r2
L GHSA-fvcv-3m26-pcqx	<5.15.6-r2
M HTTP Response Splitting	<5.15.6-r2
C Unintended Proxy or Intermediary ('Confused Deputy')	<5.15.6-r2
L GHSA-r5fr-rjxr-66jc	<5.15.6-r2
L GHSA-f23m-r3pf-42rh	<5.15.6-r2
L Arbitrary Code Injection	<5.14.3-r13
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.14.3-r13
H Resource Exhaustion	<5.14.3-r13
L GHSA-xjpj-3mr7-gcpf	<5.14.3-r13
L Improper Validation of Specified Quantity in Input	<5.14.3-r13
L GHSA-2w6w-674q-4c4q	<5.14.3-r13
L GHSA-3v7f-55p6-f55p	<5.14.3-r13
C Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.14.3-r13
L GHSA-xhpv-hc6g-r9c6	<5.14.3-r13
L GHSA-c2c7-rcm5-vvqj	<5.14.3-r13
L Arbitrary Code Injection	<5.14.3-r13
L Uncontrolled Recursion	<5.14.3-r13
L GHSA-2qvq-rjwj-gvw9	<5.14.3-r13
L GHSA-3mfm-83xf-c92r	<5.14.3-r13
L Improper Check for Unusual or Exceptional Conditions	<5.14.3-r13
L GHSA-442j-39wm-28r2	<5.14.3-r13
L Inefficient Regular Expression Complexity	<5.14.3-r13
L GHSA-9cx6-37pm-9jff	<5.14.3-r13
L GHSA-48c2-rrv3-qjmp	<5.14.3-r13
M Cross-site Scripting (XSS)	<5.14.3-r13
L Arbitrary Code Injection	<5.14.3-r13
H Cross-site Scripting (XSS)	<5.14.3-r13
L GHSA-7rx3-28cr-v5wh	<5.14.3-r13
L GHSA-rf6f-7fwh-wjgh	<5.14.3-r13
L GHSA-f886-m6hf-6m8v	<5.14.3-r13
L GHSA-jp2q-39xq-3w4g	<5.14.3-r13
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<5.14.3-r12
L GHSA-8gc5-j5rx-235r	<5.14.3-r12
L Uncontrolled Recursion	<5.14.3-r10
L GHSA-25h7-pfq9-p65f	<5.14.3-r10
L GHSA-qffp-2rhf-9h96	<5.14.3-r9
M Allocation of Resources Without Limits or Throttling	<5.14.3-r9
L GHSA-qpx9-hpmf-5gmw	<5.14.3-r9
M Directory Traversal	<5.14.3-r9
L GHSA-m7jm-9gc2-mpf2	<5.14.3-r7
H Directory Traversal	<5.14.3-r7
L Incorrect Regular Expression	<5.14.3-r7
L GHSA-968p-4wvh-cqc8	<5.12.1-r4
M Directory Traversal	<5.14.3-r2
L CVE-2025-1302	<5.12.1-r4
H Resource Exhaustion	<5.14.3-r2
L GHSA-23c5-xmqv-rm74	<5.14.3-r8
L GHSA-mh29-5h37-fv8m	<5.14.3-r1
L Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	<5.14.3-r1
L Inefficient Regular Expression Complexity	<5.14.3-r8
L GHSA-h5c3-5r3r-rr8q	<5.14.3-r8
L GHSA-rmvr-2pp2-xj38	<5.14.3-r8
L GHSA-2g4f-4pwh-qvx6	<5.14.3-r7
L Directory Traversal	<5.14.3-r5
L GHSA-3ppc-4f35-3m26	<5.14.3-r8
H Inefficient Regular Expression Complexity	<5.14.3-r8
L GHSA-5j98-mcp5-4vw2	<5.14.3-r1
L GHSA-jmr7-xgp7-cmfj	<5.14.3-r7
L Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')	<5.14.3-r7
L GHSA-37qj-frw5-hhjh	<5.14.3-r5
L OS Command Injection	<5.14.3-r1
L Inefficient Regular Expression Complexity	<5.14.3-r7
L GHSA-v6h2-p8h4-qcjw	<5.14.2-r2
L GHSA-83g3-92jg-28cx	<5.14.3-r7
L GHSA-p5wg-g6qr-c7cg	<5.14.3-r5
L Resource Exhaustion	<5.14.2-r2
M CVE-2025-13465	<5.14.3-r5
L Inefficient Regular Expression Complexity	<5.14.3-r8
L Improper Check for Unusual or Exceptional Conditions	<5.14.3-r6
M Improper Handling of Unicode Encoding	<5.14.3-r5
H Buffer Overflow	<5.14.3-r8
L Inefficient Regular Expression Complexity	<5.12.1-r4
L GHSA-4hjh-wcwx-xvwj	<5.14.2-r8
L GHSA-43fc-jf86-j433	<5.14.3-r6
L GHSA-xx4v-prfh-6cgc	<5.14.3-r8
L GHSA-jr5f-v2jv-69x6	<5.12.1-r4
L Algorithmic Complexity	<5.14.3-r8
L GHSA-xxjr-mmjv-4gpg	<5.14.3-r5
L Allocation of Resources Without Limits or Throttling	<5.14.2-r8
L GHSA-8qq5-rm4j-mr97	<5.14.3-r2
M Link Following	<5.14.2-r7
L GHSA-73rr-hh4g-fpgx	<5.14.3-r2
L GHSA-34x7-hfp2-rc4v	<5.14.3-r5
L GHSA-7r86-cg39-jmmj	<5.14.3-r8
L GHSA-pppg-cpfq-h7wr	<5.11.2-r1
M Server-Side Request Forgery (SSRF)	<5.12.1-r4
L GHSA-fjxv-7rqg-78g4	<5.14.2-r4
L GHSA-52f5-9888-hmc6	<5.14.2-r7
L CVE-2025-7783	<5.14.2-r4
L CVE-2024-21534	<5.11.2-r1
L Inefficient Regular Expression Complexity	<5.14.3-r8
L GHSA-hw8r-x6gr-5gjp	<5.12.1-r4
L GHSA-fj3w-jwp8-x2g3	<5.14.3-r8
L GHSA-r6q2-hw4h-h46w	<5.14.3-r5
L Improper Input Validation	<5.14.3-r5
L Inefficient Regular Expression Complexity	<5.14.3-r8
L CVE-2025-50537	<5.14.3-r5

Vulnerability

Vulnerable Version

GHSA-q3j6-qgpj-74h6

<5.15.10-r0