react-native-document-picker@1.0.1 vulnerabilities

A react native interface to access documents from dropbox, google drive, iCloud...

  • latest version

    9.3.1

  • latest non vulnerable version

  • first published

    8 years ago

  • latest version published

    5 months ago

  • deprecated

    Package is deprecated

  • licenses detected

    • >=1.0.0 <3.2.0
  • Direct Vulnerabilities

    Known vulnerabilities in the react-native-document-picker package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • H
    Path Traversal

    react-native-document-picker is an A react native interface to access documents from dropbox, google drive, iCloud...

    Affected versions of this package are vulnerable to Path Traversal due to improper input validation in the Android library component. A local attacker can execute arbitrary code by supplying a crafted script.

    How to fix Path Traversal?

    Upgrade react-native-document-picker to version 9.1.1 or higher.

    <9.1.1