Homepage

@hapi/hoek@6.2.2 vulnerabilities

General purpose node utilities

  • latest version

    11.0.7

  • latest non vulnerable version

    11.0.7

  • first published

    5 years ago

  • latest version published

    4 months ago

  • licenses detected

  • View hoek package health on Snyk Advisor  (opens in a new tab)
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the @hapi/hoek package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Prototype Pollution

    @hapi/hoek is an utility methods package for the hapi ecosystem

    Affected versions of this package are vulnerable to Prototype Pollution. The clone function fails to prevent the modification of the Object prototype when passed specially-crafted input.

    Note: This issue does not affect hapi applications since the framework protects against such malicious inputs. Only applications that use @hapi/hoek outside of the hapi ecosystem may be vulnerable.

    How to fix Prototype Pollution?

    Upgrade @hapi/hoek to version 8.5.1, 9.0.3 or higher.

    <8.5.1>=9.0.0 <9.0.3
    Go back to all versions of this package