VYPR

npm package

mapbox.js

pkg:npm/mapbox.js

Vulnerabilities (2)

  • CVE-2017-1000043MedJul 17, 2017
    affected < 1.6.6fixed 1.6.6

    Mapbox.js versions 1.x prior to 1.6.6 and 2.x prior to 2.2.4 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON name and map share control

  • CVE-2017-1000042MedJul 17, 2017
    affected < 1.6.5fixed 1.6.5

    Mapbox.js versions 1.x prior to 1.6.5 and 2.x prior to 2.1.7 are vulnerable to a cross-site-scripting attack in certain uncommon usage scenarios via TileJSON Name.