vconsole@2.2.0 vulnerabilities

A lightweight, extendable front-end developer tool for mobile web page.

Direct Vulnerabilities

Known vulnerabilities in the vconsole package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • H
Prototype Pollution

vconsole is an A lightweight, extendable front-end developer tool for mobile web page.

Affected versions of this package are vulnerable to Prototype Pollution due to incorrect key and value resolution in setOptions method in core.ts.

How to fix Prototype Pollution?

Upgrade vconsole to version 3.15.1 or higher.

<3.15.1
  • M
Cross-site Scripting (XSS)

vconsole is an A lightweight, extendable front-end developer tool for mobile web page.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS) vulnerability.

How to fix Cross-site Scripting (XSS)?

Upgrade vconsole to version 3.5.2 or higher.

<3.5.2
  • M
Cross-site Scripting (XSS)

vconsole is an A lightweight, extendable front-end developer tool for mobile web page.

Affected versions of this package are vulnerable to Cross-site Scripting (XSS). HTML was not escaped via the addCode function.

How to fix Cross-site Scripting (XSS)?

Upgrade vconsole to version 3.4.1 or higher.

<3.4.1