alasql@0.4.8 vulnerabilities
Use SQL to select and filter javascript data - including relational joins and search in nested objects (JSON). Export to and import from Excel and CSV
-
latest version
4.5.2
-
latest non vulnerable version
-
first published
10 years ago
-
latest version published
2 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the alasql package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
alasql is an Use SQL to select and filter javascript data - including relational joins and search in nested objects (JSON). Export to and import from Excel and CSV Affected versions of this package are vulnerable to Arbitrary Code Injection. AlaSQL doesn't restrict characters in square brackets ( POC
How to fix Arbitrary Code Injection? Upgrade |
<0.7.0
|