Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2020-28477 Vulnerability in npm package immer

Description

This affects all versions of package immer.

Remediation

References

https://github.com/immerjs/immer/blob/master/src/plugins/patches.ts%23L213

https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-1061986

https://snyk.io/vuln/SNYK-JS-IMMER-1019369

Related Vulnerabilities

CVE-2020-28500 Vulnerability in npm package lodash

CVE-2021-27850 Vulnerability in maven package org.apache.tapestry:tapestry-core

CVE-2019-9155 Vulnerability in maven package org.webjars.npm:openpgp

CVE-2021-23358 Vulnerability in npm package underscore

CVE-2021-33036 Vulnerability in maven package org.apache.hadoop:hadoop-yarn-server-common

Severity

Critical

Tags

Broken Link Exploit Third Party Advisory NVD-CWE-noinfo