NodeJS/gsap/1.20.2
GSAP is a framework-agnostic JavaScript animation library that turns developers into animation superheroes. Build high-performance animations that work in **every** major browser. Animate CSS, SVG, canvas, React, Vue, WebGL, colors, strings, motion paths,
https://www.npmjs.com/package/gsap
Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/
1 Security Vulnerabilities
Prototype pollution in gsap
Published date: 2021-01-20T21:21:50Z
CVE: CVE-2020-28478
Links:
- https://nvd.nist.gov/vuln/detail/CVE-2020-28478
- https://github.com/advisories/GHSA-6g8v-hpgw-h2v7
- https://github.com/greensock/GSAP/blob/master/src/gsap-core.js#L150
- https://github.com/greensock/GSAP/blob/master/src/gsap-core.js%23L147
- https://github.com/greensock/GSAP/releases/tag/3.6.0
- https://snyk.io/vuln/SNYK-JS-GSAP-1054614
- https://www.npmjs.com/package/gsap/v/3.6.0
There is a prototype pollution vulnerability in gsap which affects all versions before 3.6.0.
Affected versions:
["1.13.2", "1.14.2", "1.16.0", "1.16.1", "1.17.0", "1.18.0", "1.18.3", "1.18.4", "1.19.0", "1.20.1", "1.20.3", "1.20.5", "2.0.0", "2.0.1", "2.1.1", "2.1.2", "3.0.0-beta.10", "3.0.0-beta.11", "3.0.0", "3.0.1", "3.0.5", "3.1.1", "3.2.3", "3.2.5", "3.2.6", "3.3.1", "3.3.2", "3.3.3", "3.4.0", "3.5.0", "3.5.1", "1.14.1", "1.15.0", "1.15.1", "1.18.2", "1.18.5", "1.19.1", "1.20.0", "1.20.2", "1.20.4", "1.20.6", "2.0.2", "2.1.0", "2.1.3", "3.0.0-beta.7", "3.0.0-beta.8", "3.0.2", "3.0.3", "3.0.4", "3.1.0", "3.2.0", "3.2.1", "3.2.2", "3.2.4", "3.3.0", "3.3.4", "3.4.1", "3.4.2"]
Secure versions:
[3.10.0, 3.10.1, 3.10.2, 3.10.3, 3.10.4, 3.11.0, 3.11.1, 3.11.2, 3.11.3, 3.11.4, 3.11.5, 3.12.0, 3.12.1, 3.12.2, 3.12.3, 3.12.4, 3.12.5, 3.12.6, 3.12.7, 3.13.0, 3.6.0, 3.6.1, 3.7.0, 3.7.1, 3.8.0, 3.9.0, 3.9.1]
Recommendation:
Update to version 3.13.0.
85 Other Versions
| Version | License | Security | Released | |
|---|---|---|---|---|
| 3.0.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-11-10 - 21:30 | over 5 years |
| 3.0.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-11-10 - 05:02 | over 5 years |
| 3.0.0-beta.11 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-11-02 - 04:06 | over 5 years |
| 3.0.0-beta.10 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-11-01 - 05:47 | over 5 years |
| 3.0.0-beta.8 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-10-06 - 23:23 | over 5 years |
| 3.0.0-beta.7 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-09-21 - 14:11 | almost 6 years |
| 2.1.3 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-05-18 - 20:44 | about 6 years |
| 2.1.2 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-03-02 - 18:45 | over 6 years |
| 2.1.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-02-22 - 06:20 | over 6 years |
| 2.1.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2019-02-18 - 04:01 | over 6 years |
| 2.0.2 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-08-26 - 01:41 | almost 7 years |
| 2.0.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-05-30 - 19:39 | about 7 years |
| 2.0.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-05-23 - 15:30 | about 7 years |
| 1.20.6 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-05-23 - 14:39 | about 7 years |
| 1.20.5 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-05-23 - 05:44 | about 7 years |
| 1.20.4 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2018-02-16 - 07:02 | over 7 years |
| 1.20.3 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2017-10-03 - 06:42 | almost 8 years |
| 1.20.2 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2017-06-30 - 22:18 | about 8 years |
| 1.20.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: http://greensock.com/why-license/ | 1 | 2017-06-29 - 20:21 | about 8 years |
| 1.20.0 | Standard 'no charge' license: http://greensock.com/standard-license. Club GreenSock members get more: http://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: http://greensock.com/why-license/ | 1 | 2017-06-29 - 02:44 | about 8 years |
| 1.19.1 | Standard 'no charge' license: http://greensock.com/standard-license. Club GreenSock members get more: http://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: http://greensock.com/why-license/ | 1 | 2017-01-18 - 06:26 | over 8 years |
| 1.19.0 | Standard 'no charge' license: http://greensock.com/standard-license. Club GreenSock members get more: http://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: http://greensock.com/why-license/ | 1 | 2016-07-18 - 22:44 | almost 9 years |
| 1.18.5 | GreenSock's standard 'no charge' license: http://greensock.com/standard-license. Club GreenSock members get additional rights; see http://greensock.com/licensing/. Learn why GreenSock doesn't employ an MIT license: http://greensock.com/why-license/ | 1 | 2016-05-25 - 23:55 | about 9 years |
| 1.18.4 | GreenSock's standard 'no charge' license can be viewed at http://greensock.com/standard-license. Club GreenSock members are granted additional rights. See http://greensock.com/licensing/ for details. Why doesn't GreenSock employ an MIT (or similar) open source license OR and why is that a *good* thing? This article explains it all: http://greensock.com/why-license/ | 1 | 2016-04-27 - 15:09 | about 9 years |
| 1.18.3 | GreenSock's standard no-charge license can be viewed at http://greensock.com/standard-license. Club GreenSock members are granted additional rights; see http://greensock.com/club/ and http://greensock.com/licensing/ for details. | 1 | 2016-04-20 - 04:05 | about 9 years |
| 1.18.2 | GreenSock's standard no-charge license can be viewed at http://greensock.com/standard-license. Club GreenSock members are granted additional rights; see http://greensock.com/club/ and http://greensock.com/licensing/ for details. | 1 | 2015-12-22 - 19:08 | over 9 years |
| 1.18.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2015-09-07 - 20:21 | almost 10 years |
| 1.17.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2015-05-28 - 17:16 | about 10 years |
| 1.16.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2015-03-14 - 17:55 | over 10 years |
| 1.16.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2015-03-01 - 23:12 | over 10 years |
| 1.15.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2015-01-25 - 06:56 | over 10 years |
| 1.15.0 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2014-12-03 - 21:01 | over 10 years |
| 1.14.2 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2014-10-29 - 21:02 | over 10 years |
| 1.14.1 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2014-10-17 - 16:24 | over 10 years |
| 1.13.2 | Standard 'no charge' license: https://greensock.com/standard-license. Club GreenSock members get more: https://greensock.com/licensing/. Why GreenSock doesn't employ an MIT license: https://greensock.com/why-license/ | 1 | 2014-08-25 - 22:03 | almost 11 years |