react-native-webview@10.10.1 vulnerabilities
React Native WebView component for iOS, Android, macOS, and Windows
-
latest version
13.12.4
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
7 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the react-native-webview package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
react-native-webview is a React Native WebView component for iOS, Android, macOS, and Windows Affected versions of this package are vulnerable to Cross-site Scripting (XSS). A universal cross-site scripting (UXSS) vulnerability has been identified in the Android WebView system component, which allows cross-origin iframes to execute arbitrary JavaScript in the top-level document. This vulnerability affects React Native apps which use a react-native-webview that allows navigation to arbitrary URLs, and when that app runs on systems with an Android WebView version prior to 83.0.4103.106. How to fix Cross-site Scripting (XSS)? Upgrade |
<11.0.0
|