@advanced-rest-client/base/.../base@0.1.3 vulnerabilities

Base UI components for the Advanced REST Client and derivative apps

  • latest version

    0.1.10

  • latest non vulnerable version

  • first published

    3 years ago

  • latest version published

    2 years ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the @advanced-rest-client/base package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Execution with Unnecessary Privileges

    Affected versions of this package are vulnerable to Execution with Unnecessary Privileges when the end-user click on the response header that contains a link the target will be opened in ARC new window which will preload the script and allow it to execute any logic that ARC has access to from the renderer process. It includes file system access, data store access, and some additional processes that only ARC should have access to.

    How to fix Execution with Unnecessary Privileges?

    Upgrade @advanced-rest-client/base to version 0.1.10 or higher.

    <0.1.10