org.webjars.npm:immer@8.0.1 vulnerabilities
-
latest version
9.0.17
-
latest non vulnerable version
-
first published
5 years ago
-
latest version published
a year ago
-
licenses detected
- [1.7.2,)
-
package manager
Direct Vulnerabilities
Known vulnerabilities in the org.webjars.npm:immer package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
org.webjars.npm:immer is a package that allows you to create your next immutable state by mutating the current one. Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of CVE-2020-28477 when the user-provided keys used in the PoC
How to fix Prototype Pollution? Upgrade |
[,9.0.6)
|