7.0.1
11 years ago
10 months ago
Known vulnerabilities in the pac-resolver package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
Affected versions of this package are vulnerable to Remote Code Execution (RCE). This can occur when used with untrusted input, due to unsafe PAC file handling. In order to exploit this vulnerability in practice, this either requires an attacker on your local network, a specific vulnerable configuration, or some second vulnerability that allows an attacker to set your config values. NOTE: The fix for this vulnerability is applied in the PoC
How to fix Remote Code Execution (RCE)? Upgrade | <5.0.0 |