tileserver-gl@1.5.0 vulnerabilities
Map tile server for JSON GL styles - vector and server side generated raster tiles
latest version
5.1.3
latest non vulnerable version
first published
8 years ago
latest version published
16 days ago
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the tileserver-gl package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
tileserver-gl is a Map tile server for JSON GL styles - vector and server side generated raster tiles Affected versions of this package are vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') through the How to fix Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')? Upgrade | <4.5.0 |
tileserver-gl is a Map tile server for JSON GL styles - vector and server side generated raster tiles Affected versions of this package are vulnerable to Cross-site Scripting (XSS). The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS. How to fix Cross-site Scripting (XSS)? Upgrade | <3.1.0 |