Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

react+vite 项目下载mockjs 和 vite-plugin-mock 提示npm包高等漏洞 #511

Open
zhouzhouya1 opened this issue Mar 18, 2024 · 4 comments
Open

react+vite 项目下载mockjs 和 vite-plugin-mock 提示npm包高等漏洞 #511

zhouzhouya1 opened this issue Mar 18, 2024 · 4 comments

Comments

@zhouzhouya1
Copy link

react+vite 项目下载mockjs 和 vite-plugin-mock 提示npm包高等漏洞
@zhouzhouya1
Copy link
Author

提示问题是:
mockjs *
Severity: high
mockjs vulnerable to Prototype Pollution via the Util.extend function - GHSA-mh8j-9jvh-gjf6
No fix available
node_modules/mockjs

@hyx-fly
Copy link

hyx-fly commented Jun 9, 2024

这库已经很久没维护了,有问题也没人解决啊

@tgx1587900660
Copy link

这库已经很久没维护了,有问题也没人解决啊

有解决也没人合并啊

@wll8
Copy link

wll8 commented Jun 17, 2024

试试这个呢

https://github.com/wll8/mockm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wll8 @zhouzhouya1 @tgx1587900660 @hyx-fly