xmlhttprequest-ssl@1.5.5 vulnerabilities
XMLHttpRequest for Node
-
latest version
2.1.2
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
19 days ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the xmlhttprequest-ssl package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
xmlhttprequest-ssl is a fork of Affected versions of this package are vulnerable to Access Restriction Bypass. The package disables SSL certificate validation by default, because How to fix Access Restriction Bypass? Upgrade |
<1.6.1
|
xmlhttprequest-ssl is a fork of Affected versions of this package are vulnerable to Arbitrary Code Injection. Provided requests are sent synchronously ( POC
How to fix Arbitrary Code Injection? Upgrade |
<1.6.2
|