SNYK-JS-DATATABLESNET-1016402
## Overview [datatables.net](https://www.npmjs.com/package/datatables.net) is a DataTables for jQuery Affected versions of this package are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. ## Remediation Upgrade `datatables.net` to version 1.10.23 or higher. ## References - [GitHub Additional Information](https://github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js#L2766) - [GitHub Commit](https://github.com/DataTables/DataTablesSrc/commit/a51cbe99fd3d02aa5582f97d4af1615d11a1ea03) - [Related Vulnerabiltiy](https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806)
Risk Scores
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| 0 |
Timeline
- Oct 7, 2020 CVE Updated
- Dec 17, 2020 CVE Published
References
- https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806 technical
- https://security.snyk.io/vuln/SNYK-JS-DATATABLESNET-1016402 advisory
- https://learn.snyk.io/lesson/prototype-pollution/ technical
- https://www.npmjs.com/package/datatables.net vendor
- https://github.com/DataTables/Dist-DataTables/blob/master/js/jquery.dataTables.js#L2766 technical
- https://github.com/DataTables/DataTablesSrc/commit/a51cbe99fd3d02aa5582f97d4af1615d11a1ea03 patch