Описание
sweetalert2 contains potentially undesirable behavior
sweetalert2 versions from 11.6.14 to before 11.22.4 have potentially undesirable behavior. The package outputs audio and/or video messages that do not pertain to the functionality of the package when run on specific tlds. This functionality is documented on the project's readme.
Ссылки
- https://github.com/sweetalert2/sweetalert2/pull/2847
- https://github.com/sweetalert2/sweetalert2/commit/7de85db5c76ba3ef5f0cdbc335bbc4a7c559e012
- https://github.com/sweetalert2/sweetalert2/releases/tag/v11.4.9
- https://github.com/sweetalert2/sweetalert2/tree/6d02e1095e5d9db1dfa7f0708df6fa13a1b32be3#important-notice-about-usage-of-this-software-for-ru-su-and-%D1%80%D1%84-domain-zones
- https://www.npmjs.com/package/sweetalert2
Пакеты
Наименование
sweetalert2
npm
Затронутые версииВерсия исправления
>= 11.6.14, < 11.22.4
11.22.4
Дефекты
CWE-440
Дефекты
CWE-440