fun-map@3.2.0 vulnerabilities

a few functional utilities for pretending that JS objects are Clojure string maps.

Direct Vulnerabilities

Known vulnerabilities in the fun-map package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Arbitrary Code Execution

fun-map is a functional utilities for pretending that JS objects are Clojure string maps.

Affected versions of this package are vulnerable to Arbitrary Code Execution. The injection point is located in line 26 in the index file class.js; the members argument of the create function can be controlled by users without any sanitization.

How to fix Arbitrary Code Execution?

There is no fixed version for fun-map.

*