liquidjs@9.20.1 vulnerabilities

A simple, expressive and safe Shopify / Github Pages compatible template engine in pure JavaScript.

  • latest version

    10.19.0

  • latest non vulnerable version

  • first published

    7 years ago

  • latest version published

    27 days ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the liquidjs package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Information Exposure

    liquidjs is an A simple, expressive, safe and Shopify compatible template engine in pure JavaScript.

    Affected versions of this package are vulnerable to Information Exposure when ownPropertyOnly parameter is set to False, which results in leaking properties of a prototype.

    How to fix Information Exposure?

    Upgrade liquidjs to version 10.0.0 or higher.

    <10.0.0