apify@0.12.2

Vulnerabilities

1 via 1 paths

Dependencies

157

Source

npm

Find, fix and prevent vulnerabilities in your code.

Severity
  • 1
Status
  • 1
  • 0
  • 0

high severity

Use After Free

  • Vulnerable module: puppeteer
  • Introduced through: puppeteer@1.12.2

Detailed paths

  • Introduced through: apify@0.12.2 puppeteer@1.12.2
    Remediation: Upgrade to apify@0.13.0.

Overview

puppeteer is a Node library which provides a high-level API to control Chrome or Chromium over the DevTools Protocol.

Affected versions of this package are vulnerable to Use After Free via the Chromium FileReader.

Note: This vulnerability affects all software based on Chromium, including Electron.

Remediation

Upgrade puppeteer to version 1.13.0 or higher.

References