33.0.2
6 years ago
2 days ago
Known vulnerabilities in the ag-grid-community package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
ag-grid-community is a fully-featured and highly customizable JavaScript data grid. Affected versions of this package are vulnerable to Prototype Pollution through the vulnerable functions. An attacker can execute arbitrary code or cause a denial of service by injecting arbitrary properties. Notes:
How to fix Prototype Pollution? Upgrade | <31.3.4 |
ag-grid-community is a fully-featured and highly customizable JavaScript data grid. Affected versions of this package are vulnerable to Cross-site Scripting (XSS). By using This is only the case when you are returning a string, number, or boolean. PoC
How to fix Cross-site Scripting (XSS)? Upgrade | <25.2.0 |