google-closure-library@20150315.0.0 vulnerabilities

Google's common JavaScript library

Direct Vulnerabilities

Known vulnerabilities in the google-closure-library package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Insufficient Validation

google-closure-library is a powerful, low-level JavaScript library designed for building complex and scalable web applications. It is used by many Google web applications, such as Google Search, Gmail, Google Docs, Google+, Google Maps, and others.

Affected versions of this package are vulnerable to Insufficient Validation. A URL parsing issue in goog.uri of the Google Closure Library allows an attacker to send malicious URLs to be parsed by the library and return the wrong authority.

How to fix Insufficient Validation?

Upgrade google-closure-library to version 20200315.0.0 or higher.

<20200315.0.0