GMS-2023-1887: sweetalert2 v11.6.14 and above contains potentially undesirable behavior

July 10, 2023

sweetalert2 versions 11.6.14 and above have potentially undesirable behavior. The package outputs audio and/or video messages that do not pertain to the functionality of the package when run on specific tlds. This functionality is documented on the project’s readme

References

github.com/advisories/GHSA-mrr8-v49w-3333
github.com/sweetalert2/sweetalert2
github.com/sweetalert2/sweetalert2/releases/tag/v11.4.9
www.npmjs.com/package/sweetalert2

Code Behaviors & Features

Detect and mitigate GMS-2023-1887 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →