mdx-mermaid@0.0.1 vulnerabilities

Display mermaid diagrams in mdx files.

latest version

2.0.0
latest non vulnerable version

2.0.0
first published

3 years ago
latest version published

10 months ago
View mdx-mermaid package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the mdx-mermaid package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability Vulnerable Version

Vulnerability	Vulnerable Version
L Code Injection mdx-mermaid is a Display mermaid diagrams in mdx files. Affected versions of this package are vulnerable to Code Injection due to improper input validation, which makes it possible to inject malicious code inside a code block of `Mermaid.spec.tsx`. Exploiting this vulnerability is possible when a component is loaded by MDXjs. How to fix Code Injection? Upgrade `mdx-mermaid` to version 1.3.0, 2.0.0-rc2 or higher.	<1.3.0 >=2.0.0-rc1 <2.0.0-rc2

Code Injection

mdx-mermaid is a Display mermaid diagrams in mdx files.

Affected versions of this package are vulnerable to Code Injection due to improper input validation, which makes it possible to inject malicious code inside a code block of Mermaid.spec.tsx. Exploiting this vulnerability is possible when a component is loaded by MDXjs.

How to fix Code Injection?

Upgrade mdx-mermaid to version 1.3.0, 2.0.0-rc2 or higher.

<1.3.0 >=2.0.0-rc1 <2.0.0-rc2

Go back to all versions of this package

mdx-mermaid@0.0.1 vulnerabilities

Display mermaid diagrams in mdx files.

latest version

latest non vulnerable version

first published

latest version published

Direct Vulnerabilities