ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component _ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| @ag-grid-enterprise/charts(npm) | 32.0.0 | 32.0.1 | N/A |
| ag-grid-community(npm) | 32.0.0 | 32.0.1 | N/A |
| ag-grid-enterprise(npm) | 32.0.0 | 32.0.1 | N/A |
| @ag-grid-enterprise/charts(npm) | 0 | 31.3.4 | N/A |
| ag-grid-community(npm) | 0 | 31.3.4 | N/A |
| ag-grid-enterprise(npm) | 0 | 31.3.4 | N/A |
CVSS Metrics
