3.7.7
11 years ago
1 years ago
Package is deprecated
Known vulnerabilities in the jointjs package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
jointjs is a JavaScript diagramming library. It can be used to create either static diagrams or, and more importantly, fully interactive diagramming tools and application builders. Affected versions of this package are vulnerable to Prototype Pollution. A type confusion vulnerability can lead to a bypass of CVE-2020-28480 when the user-provided keys used in the PoC
How to fix Prototype Pollution? Upgrade | <3.4.2 |
jointjs is a JavaScript diagramming library. It can be used to create either static diagrams or, and more importantly, fully interactive diagramming tools and application builders. Affected versions of this package are vulnerable to Denial of Service (DoS) via the How to fix Denial of Service (DoS)? Upgrade | <3.3.0 |
jointjs is a JavaScript diagramming library. It can be used to create either static diagrams or, and more importantly, fully interactive diagramming tools and application builders. Affected versions of this package are vulnerable to Prototype Pollution via PoC
How to fix Prototype Pollution? Upgrade | <3.3.0 |