DataTables/Dist-DataTables

DataTables/Dist-DataTables

CVE History

CVEPublishedCVSS v2CVSS v3
CVE-2021-234456.1 MEDIUM4.3 MEDIUM
This affects the package datatables.net before 1.11.3. If an array is passed to the HTML escape entities function it would not have its contents escaped.
CVE-2020-284587.3 HIGH7.5 HIGH
All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.