10.1.4
7 years ago
11 days ago
Known vulnerabilities in the @deepstream/server package. This does not include vulnerabilities belonging to this package’s dependencies.
Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
@deepstream/server is an a scalable server for realtime webapps Affected versions of this package are vulnerable to Prototype Pollution via the message processing pipeline. An attacker can escalate privileges and potentially gain unauthorized access or modify sensitive data by sending crafted messages containing the paths How to fix Prototype Pollution? Upgrade | <10.0.5 |