Homepage

org.webjars.npm:ag-grid-community@28.1.1 vulnerabilities

  • latest version

    34.0.2

  • latest non vulnerable version

    34.0.2

  • first published

    6 years ago

  • latest version published

    8 days ago

  • licenses detected

  • package registry

    View on Maven Central Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.webjars.npm:ag-grid-community package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Improperly Controlled Modification of Dynamically-Determined Object Attributes

    org.webjars.npm:ag-grid-community is a fully-featured and highly customizable JavaScript data grid.

    Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the _.mergeDeep function. An attacker can execute arbitrary code or cause a disruption of service by modify built-in Object.prototype with an argument containing a special property __proto__ to pollute the application logic.

    How to fix Improperly Controlled Modification of Dynamically-Determined Object Attributes?

    Upgrade org.webjars.npm:ag-grid-community to version 32.2.0 or higher.

    [,32.2.0)
    Go back to all versions of this package