cordova-plugin-ionic-webview@2.0.3 vulnerabilities

Ionic Web View Engine Plugin

Direct Vulnerabilities

Known vulnerabilities in the cordova-plugin-ionic-webview package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Directory Traversal

cordova-plugin-ionic-webview is a Web View plugin for Cordova, focused on providing the highest performance experience for Ionic apps (but can be used with any Cordova app).

Affected versions of this package are vulnerable to Directory Traversal. A malicious user could access OS local files that should be inaccessible by third-party applications.

How to fix Directory Traversal?

Upgrade cordova-plugin-ionic-webview to version 2.2.0 or higher.