Vulnerability	Vulnerable Version
M Authorization Bypass `cordova-ios` is an iOS application library that allows for Cordova-based projects to be built for the iOS Platform. Affected versions of the package are vulnerable to Authorization bypass. Apache Cordova iOS contains 2 methods to bypass the URL access restrictions provided by the whitelist. An attacker can use any of the 2 methods to load malicious resources in an app that uses a whitelist to only load trusted resources. How to fix Authorization Bypass? Upgrade `cordova-ios` to version 4.0.0 or higher.	>=3.5.0 <4.0.0
M Arbitrary execution `cordova-ios` is an iOS application library that allows for Cordova-based projects to be built for the iOS Platform. Affected versions of the package are vulnerable to Arbitrary Code Execution. A malicious plugin can be executed when a user clicks on a link. How to fix Arbitrary execution? Upgrade `cordova-ios` to version 4.0.0 or higher.	>=3.5.0 <4.0.0

Authorization Bypass

cordova-ios is an iOS application library that allows for Cordova-based projects to be built for the iOS Platform.

Affected versions of the package are vulnerable to Authorization bypass. Apache Cordova iOS contains 2 methods to bypass the URL access restrictions provided by the whitelist. An attacker can use any of the 2 methods to load malicious resources in an app that uses a whitelist to only load trusted resources.

How to fix Authorization Bypass?

Upgrade cordova-ios to version 4.0.0 or higher.

>=3.5.0 <4.0.0

Arbitrary execution

cordova-ios is an iOS application library that allows for Cordova-based projects to be built for the iOS Platform.

Affected versions of the package are vulnerable to Arbitrary Code Execution. A malicious plugin can be executed when a user clicks on a link.

How to fix Arbitrary execution?

Upgrade cordova-ios to version 4.0.0 or higher.

>=3.5.0 <4.0.0

Go back to all versions of this package