lunary@0.6.16 vulnerabilities

Lunary is an open-source platform for AI developers.

latest version

0.7.10
first published

9 months ago
latest version published

3 months ago
licenses detected
- Apache-2.0
  >=0
View lunary package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the lunary package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS) lunary is a Lunary is an open-source platform for AI developers. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the `orgId` parameter in the SAML metadata endpoint. An attacker can execute arbitrary JavaScript code on the user's browser by injecting malicious scripts into the XML structure of the response. How to fix Cross-site Scripting (XSS)? There is no fixed version for `lunary`.	*

Cross-site Scripting (XSS)

lunary is a Lunary is an open-source platform for AI developers.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the orgId parameter in the SAML metadata endpoint. An attacker can execute arbitrary JavaScript code on the user's browser by injecting malicious scripts into the XML structure of the response.

How to fix Cross-site Scripting (XSS)?

There is no fixed version for lunary.

Go back to all versions of this package

lunary@0.6.16 vulnerabilities

Lunary is an open-source platform for AI developers.

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities