zrender@4.0.1 vulnerabilities

A lightweight graphic library providing 2d draw for Apache ECharts

Direct Vulnerabilities

Known vulnerabilities in the zrender package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Prototype Pollution

zrender is an A lightweight canvas library.

Affected versions of this package are vulnerable to Prototype Pollution via the merge and clone helper methods in the src/core/utils.ts module.

How to fix Prototype Pollution?

Upgrade zrender to version 5.2.1 or higher.

<5.2.1