Homepage

org.webjars.npm:utile@0.2.1 vulnerabilities

  • latest version

    0.3.0

  • first published

    8 years ago

  • latest version published

    8 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.webjars.npm:utile package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Prototype Pollution

    Affected versions of this package are vulnerable to Prototype Pollution through the createPath function. An attacker can disrupt service by supplying a crafted payload with Object.prototype setter to introduce or modify properties within the global prototype chain.

    How to fix Prototype Pollution?

    There is no fixed version for org.webjars.npm:utile.

    [0,)
    • L
    Uninitialized Memory Exposure

    utile is a drop-in replacement for util with some additional advantageous functions.

    Affected versions of this package are vulnerable to Uninitialized Memory Exposure. A malicious user could extract sensitive data from uninitialized memory or to cause a DoS by passing in a large number, in setups where typed user input can be passed.

    Note Uninitialized Memory Exposure impacts only Node.js 6.x or lower, Denial of Service impacts any Node.js version.

    How to fix Uninitialized Memory Exposure?

    There is no fix version for utile.

    (,)
    Go back to all versions of this package