fabric is vulnerable to Prototype Pollution
47
Medium Risk
Affected versions of this package are vulnerable to prototype pollution. The charWidthCache object is a plain JavaScript object with keys derived from user-controlled data (such as font family, style, and weight). By setting values like fontFamily to __proto__ or manipulating other font properties, an attacker can modify the global object prototype, potentially leading to unexpected behavior or application instability. Although the injected data is not directly controlled by the attacker, the ability to tamper with Object.prototype poses a significant risk. The issue is resolved by replacing the plain object with a Map, which prevents prototype pollution and provides a safer, more suitable data structure.
You are affected if you are using a version that falls within the vulnerable range.
fabric is vulnerable to Prototype Pollution in versions 0.0.1 - 6.8.0.
Upgrade the fabric library to a patched version.
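The difference between the plain-object cache and the Map replacement described above, shown as an added example that is not fabric's source code. The names makeObjectCache and makeMapCache, the nesting by family and style key, and the sample values are assumptions made for illustration.

```javascript
// Hypothetical stand-in for a character width cache keyed by font properties.
function makeObjectCache() {
  const cache = {}; // plain object: inherits from Object.prototype
  return {
    set(fontFamily, styleKey, char, width) {
      // cache["__proto__"] resolves to Object.prototype, so for that key
      // the writes below land on the shared prototype, not in the cache.
      if (!cache[fontFamily]) cache[fontFamily] = {};
      const byFamily = cache[fontFamily];
      if (!byFamily[styleKey]) byFamily[styleKey] = {};
      byFamily[styleKey][char] = width;
    },
  };
}

// Same cache built on Map: keys are opaque values, never property lookups.
function makeMapCache() {
  const cache = new Map();
  return {
    set(fontFamily, styleKey, char, width) {
      if (!cache.has(fontFamily)) cache.set(fontFamily, new Map());
      const byFamily = cache.get(fontFamily);
      if (!byFamily.has(styleKey)) byFamily.set(styleKey, new Map());
      byFamily.get(styleKey).set(char, width);
    },
    get(fontFamily, styleKey, char) {
      return cache.get(fontFamily)?.get(styleKey)?.get(char);
    },
  };
}

// Stores one width under a constructed font family of "__proto__" in each
// cache and reports whether unrelated objects gained the style key.
function demo() {
  const family = "__proto__";            // constructed sample input
  const style = "constructed_style_key"; // constructed sample input
  const mapCache = makeMapCache();
  mapCache.set(family, style, "a", 7);
  const afterMap = style in {};          // false: prototype untouched
  makeObjectCache().set(family, style, "a", 7);
  const afterObject = style in {};       // true: every object now has the key
  delete Object.prototype[style];        // undo the pollution for this demo
  return { afterMap, afterObject, cached: mapCache.get(family, style, "a") };
}

console.log(demo());
```

The same check, `key in {}` after exercising a cache with `__proto__` as a key, works as a regression test when confirming that an upgrade removed the behaviour.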