dot-prop@4.2.0 vulnerabilities
Get, set, or delete a property from a nested object using a dot path
-
latest version
8.0.2
-
latest non vulnerable version
-
first published
9 years ago
-
latest version published
9 months ago
-
licenses detected
- >=0
Direct Vulnerabilities
Known vulnerabilities in the dot-prop package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.| Vulnerability | Vulnerable Version |
|---|---|
dot-prop is a package to get, set, or delete a property from a nested object using a dot path. Affected versions of this package are vulnerable to Prototype Pollution. It is possible for a user to modify the prototype of a base object. How to fix Prototype Pollution? Upgrade |
>1.0.1 <4.2.1
>=5.0.0 <5.1.1
|