webpack-subresource-integrity@1.5.0 vulnerabilities
Webpack plugin for enabling Subresource Integrity
-
latest version
5.2.0-rc.1
-
latest non vulnerable version
-
first published
8 years ago
-
latest version published
a year ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the webpack-subresource-integrity package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
webpack-subresource-integrity is a Webpack plugin for enabling Subresource Integrity Affected versions of this package are vulnerable to Access Restriction Bypass. All dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity. This removes the additional level of protection offered by SRI for such chunks. Top-level chunks are unaffected. How to fix Access Restriction Bypass? Upgrade |
>=1.5.0 <1.5.1
|