rollbar 0.6.6 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the rollbar package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Prototype Pollution rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototype Pollution via the `merge` function. An attacker can modify the prototype of built-in objects by supplying crafted input to the configuration process. This can lead to unexpected behavior or security issues in the application if untrusted input is passed to configuration. How to fix Prototype Pollution? Upgrade `rollbar` to version 2.26.5, 3.0.0-beta.5 or higher.	<2.26.5>=3.0.0-alpha.1 <3.0.0-beta.5
M Prototype Pollution rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly. Affected versions of this package are vulnerable to Prototype Pollution via the `utility.set` function. An attacker can modify the prototype of global objects by supplying a crafted payload, potentially leading to application instability or service disruption. Note: The project maintainers have stated that there is no possibility that user input could be used to exploit the prototype pollution described here. The PoC has been validated as a theoretical vector, and a fixed version has been released. How to fix Prototype Pollution? Upgrade `rollbar` to version 2.26.5, 3.0.0-beta.5 or higher.	<2.26.5>=3.0.0-alpha.1 <3.0.0-beta.5

Vulnerability

Vulnerable Version

Prototype Pollution

rollbar is an Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly.

Affected versions of this package are vulnerable to Prototype Pollution via the merge function. An attacker can modify the prototype of built-in objects by supplying crafted input to the configuration process. This can lead to unexpected behavior or security issues in the application if untrusted input is passed to configuration.

How to fix Prototype Pollution?

Upgrade rollbar to version 2.26.5, 3.0.0-beta.5 or higher.

<2.26.5>=3.0.0-alpha.1 <3.0.0-beta.5

Prototype Pollution

Affected versions of this package are vulnerable to Prototype Pollution via the utility.set function. An attacker can modify the prototype of global objects by supplying a crafted payload, potentially leading to application instability or service disruption.

Note: The project maintainers have stated that there is no possibility that user input could be used to exploit the prototype pollution described here. The PoC has been validated as a theoretical vector, and a fixed version has been released.

How to fix Prototype Pollution?

Upgrade rollbar to version 2.26.5, 3.0.0-beta.5 or higher.

<2.26.5>=3.0.0-alpha.1 <3.0.0-beta.5

rollbar@0.6.6 vulnerabilities

Effortlessly track and debug errors in your JavaScript applications with Rollbar. This package includes advanced error tracking features and an intuitive interface to help you identify and fix issues more quickly.

latest version

latest non vulnerable version

first published

latest version published

licenses detected

Direct Vulnerabilities

Fix vulnerabilities automatically