VYPR

npm package

ag-grid-enterprise

pkg:npm/ag-grid-enterprise

Vulnerabilities (2)

  • CVE-2024-39001Jul 1, 2024
    affected >= 32.0.0, < 32.0.1fixed 32.0.1

    ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.

  • CVE-2024-38996Jul 1, 2024
    affected < 31.3.4fixed 31.3.4

    ag-grid-community v31.3.2 and ag-grid-enterprise v31.3.2 were discovered to contain a prototype pollution via the _.mergeDeep function. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.