Vulnerability	Vulnerable Version
L Improper Data Handling ses is a secure runtime for running third-party code safely. Affected versions of this package are vulnerable to Improper Data Handling due to a defect in `harden` properties which have names that parse as numbers but are not the same as the canonical representation of those numbers, as in `"+0"` and `""` which are both equivalent to their canonical number `"0"`, remain writable after hardening. How to fix Improper Data Handling? Upgrade `ses` to version 0.16.0 or higher.	<0.16.0
C Outdated Static Dependency ses is a secure runtime for running third-party code safely. Affected versions of this package are vulnerable to Outdated Static Dependency. The package relies on `realms-shim` and has it loaded statically instead of as a dependency that can be updated. The version of `realms-shim` it has contains multiple critical Sandbox Breakout vulnerabilities. How to fix Outdated Static Dependency? Upgrade `ses` to version 0.6.3 or higher.	<0.6.3

Improper Data Handling

ses is a secure runtime for running third-party code safely.

Affected versions of this package are vulnerable to Improper Data Handling due to a defect in harden properties which have names that parse as numbers but are not the same as the canonical representation of those numbers, as in "+0" and "" which are both equivalent to their canonical number "0", remain writable after hardening.

How to fix Improper Data Handling?

Upgrade ses to version 0.16.0 or higher.

<0.16.0

Outdated Static Dependency

ses is a secure runtime for running third-party code safely.

Affected versions of this package are vulnerable to Outdated Static Dependency. The package relies on realms-shim and has it loaded statically instead of as a dependency that can be updated. The version of realms-shim it has contains multiple critical Sandbox Breakout vulnerabilities.

How to fix Outdated Static Dependency?

Upgrade ses to version 0.6.3 or higher.

<0.6.3

Go back to all versions of this package