Homepage
About Snyk

@fastly/js-compute@3.6.2 vulnerabilities

Go back to all versions of this package
Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the @fastly/js-compute package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Use After Free

@fastly/js-compute is a npm version npm downloads per month

Affected versions of this package are vulnerable to Use After Free which allows an attacker to cause unintended data loss or service disruption through the implementation of the following functions:

  1. FetchEvent.client.tlsCipherOpensslName

  2. FetchEvent.client.tlsProtocol

  3. FetchEvent.client.tlsClientCertificate

  4. FetchEvent.client.tlsJA3MD5

  5. FetchEvent.client.tlsClientHello

  6. CacheEntry.prototype.userMetadata of the fastly:cache subsystem

  7. Device.lookup of the fastly:device subsystem

How to fix Use After Free?

Upgrade @fastly/js-compute to version 3.16.0 or higher.

>=3.0.0 <3.16.0
Go back to all versions of this package