underscore-contrib@0.2.2 vulnerabilities

underscore-contrib ==================

Direct Vulnerabilities

Known vulnerabilities in the underscore-contrib package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • H
Prototype Pollution

underscore-contrib is an underscore-contrib ==================

Affected versions of this package are vulnerable to Prototype Pollution through the lib.fromQuery function. An attacker can disrupt service by supplying a crafted payload with Object.prototype setter to introduce or modify properties within the global prototype chain.

How to fix Prototype Pollution?

There is no fixed version for underscore-contrib.

*