@blackprint/engine@0.8.15 vulnerabilities

Blackprint engine for JavaScript environment

Direct Vulnerabilities

Known vulnerabilities in the @blackprint/engine package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Prototype Pollution

@blackprint/engine is a Blackprint engine for JavaScript environment

Affected versions of this package are vulnerable to Prototype Pollution via the _utils.setDeepProperty function. An attacker can execute arbitrary code by exploiting this vulnerability.

How to fix Prototype Pollution?

Upgrade @blackprint/engine to version 0.9.2 or higher.

>=0.8.12 <0.9.2