@andrei-tatar/nora-firebase-common/.../nora-firebase-common@1.7.1 vulnerabilities

Common stuff for nora firebase

  • latest version

    1.12.3

  • latest non vulnerable version

  • first published

    3 years ago

  • latest version published

    8 months ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the @andrei-tatar/nora-firebase-common package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • C
    Prototype Pollution

    @andrei-tatar/nora-firebase-common is a Common stuff for nora firebase

    Affected versions of this package are vulnerable to Prototype Pollution due to improper input validation in the updateStateInternal method. An attacker can execute arbitrary code by sending a crafted script to the updateState parameter.

    How to fix Prototype Pollution?

    Upgrade @andrei-tatar/nora-firebase-common to version 1.12.3 or higher.

    >=1.0.41 <1.12.3