100
Critical
polyfill-io-loader
AIKIDO-2024-10145: polyfill-io-loader is vulnerable to Malicious Code in all versions.
Malicious Code
Vuln in 0.0.0 - *
No CVE available
TL;DR
polyfill-io-loader uses polyfill[.]io, which was taken over and serves malicious code.
Who does this affect?
You're affected if you use polyfill-io-loader.
How can it be fixed?
Remove this package from your application.
Background info
Are you
to these issues?
Connect your GitHub, GitLab, Bitbucket or Azure DevOps account to start scanning your repos for free.
Start For FreeYour data won't be shared · Read-only access
© 2024 Aikido Security BV | BE0792914919
🇪🇺 Grauwpoort 1, 9000 Ghent, Belgium
🇺🇸 95 Third St, 2nd Fl, San Francisco, CA 94103, US