-
### Which Cloudflare product(s) does this pertain to?
Wrangler core
### What version(s) of the tool(s) are you using?
3.29.0
### What version of Node are you using?
20.11.1
### What …
-
Prototype pollution vulnerability in function declare() in node_modules\npmvc\lib\puremvc-1.0.1.js in npmvc1.0.6 via the variable node and LastNode
The function declare() lead to Prototype pollution …
-
# Overview
fun-map is a functional utilities for pretending that JS objects are Clojure string maps.
Affected versions of this package are vulnerable to Prototype Pollution.
The function assocInM cou…
-
For reference https://learn.snyk.io/lessons/prototype-pollution/javascript/
> Prototype pollution is an injection attack that targets JavaScript runtimes. With prototype pollution, an attacker migh…
-
`react-scanner` is using dset version 3.1.2 which is causing high severity warnings on npm.
[Github advisory board](https://github.com/advisories/GHSA-f6v4-cf5j-vf3w) warns of a prototype pollutio…
-
We need a lodash update. It'd be a good time to release to resolve #301 as well.
-
Hello,
there seems to be a security problem of a dependency in the latest version.
It needs to be fixed soon.
**Anyone know a workaround ?**
"npm audit fix --force" is NOT a goof idea as it in…
-
dojo Prototype Pollution
----
> copy and pasted from the Snyk security report
Vulnerability Score: 482
Introduced through dojo@1.10.4
Fixed in dojo@1.17.0
Explo…
-
Vulnerable Library - ts-loader-8.0.17.tgz
Path to dependency file: /backend/new/chongluadao-backend/package.json
Path to vulnerable library: /backend/new/chongluadao-backend/node_modules/loader-uti…
-
### Description
Upgrade `tough-cookie` to a non vulnerable version.
The upgrade to `cypress 12.x.x `should solve some of the vulnerability issues in this alert. Might need to find an
alternative to…