2 matches found
@amoy/animate (>=0.1.0 <=0.1.8), @amoy/query (>=0.1.1 <=0.4.3) +4 more potentially affected by CVE-2024-38994 via @amoy/common (=1.0.10)
@amoy/common NPM version =1.0.10 is affected by a known vulnerability. The following packages have a transitive dependency on @amoy/common and may be impacted: - @amoy/animate =0.1.0, =0.1.1, =1.0.0, =0.1.0, =1.0.1, =1.0.42 - react-webgl.js =0.0.1 Source cves: CVE-2024-38994 Source advisory:...
amoy common Security Vulnerabilities
amoy common is a library in amoyjs open source. A security vulnerability exists in amoy common v1.0.10, which stems from prototype contamination via the function setValue, allowing an attacker to execute arbitrary code or cause a denial of service DoS by injecting arbitrary properties...