Description
There is a prototype pollution vulnerability in gsap which affects all versions before 3.6.0.
Recommendation
Update the gsap package to the latest compatible version. Followings are version details:
- Affected version(s): < 3.6.0
- Patched version(s): 3.6.0
References
Related Issues
- yargs-parser Vulnerable to Prototype Pollution - CVE-2020-7608
- Prototype pollution in class-transformer - CVE-2020-7637
- Prototype Pollution in madlib-object-utils - madlib-object-utils - CVE-2020-7701
- Prototype Pollution in asciitable.js - CVE-2020-7771
You might also like:
- Tags:
- npm
- gsap
Anything's wrong? Let us know Last updated on September 12, 2023


