npm package
@zag-js/core
pkg:npm/%40zag-js/core
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-57079 | Hig | 7.5 | < 0.82.2 | 0.82.2 | Feb 5, 2025 | A prototype pollution in the lib.deepMerge function of @zag-js/core v0.50.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload. |
- affected < 0.82.2fixed 0.82.2
A prototype pollution in the lib.deepMerge function of @zag-js/core v0.50.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.