nested-property@2.0.0-beta1 vulnerabilities

Read, write or test a data structure's nested property via a string like 'my.nested.property'. It works through arrays and objects.'

  • latest version

    4.0.0

  • latest non vulnerable version

  • first published

    10 years ago

  • latest version published

    4 years ago

  • licenses detected

  • Direct Vulnerabilities

    Known vulnerabilities in the nested-property package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Prototype Pollution

    nested-property is a Traverse a deeply nested JS data structure to get, set values, or test if values are part of the data structure. Nested property offers a simple syntax to define a path to access a value with.

    Affected versions of this package are vulnerable to Prototype Pollution. Is vulnerable when it performs a set operation for nested objects

    How to fix Prototype Pollution?

    Upgrade nested-property to version 3.0.0 or higher.

    <3.0.0