Mermade / widdershins

OpenAPI / Swagger, AsyncAPI & Semoasa definitions to (re)Slate compatible markdown
https://mermade.github.io/reslate
MIT License

Vulnerability for package ajv@5.5.2 in widdershins #498

Open so-amuk opened 2 years ago

so-amuk commented 2 years ago

Discussed in https://github.com/Mermade/widdershins/discussions/497

ajv is dependent on widdershins and we are using the latest version of widdershins@4.0.1.

Originally posted by **so-amuk** February 21, 2022

https://snyk.io/test/npm/widdershins

Please publish the latest version of widdershins, as we are getting a vulnerability issue with this package ajv@5.5.2. Currently I have installed widdershins@4.0.1.

![image](https://user-images.githubusercontent.com/39334174/154898187-a5dbc296-ef64-4b7c-a51d-27b776e3c891.png)

```
[](https://snyk.io/test/npm/widdershins#SNYK-JS-AJV-584908)Prototype Pollution
Vulnerable module: [ajv](https://www.npmjs.com/package/ajv)
Introduced through: swagger2openapi@6.2.3
Detailed paths
Introduced through: widdershins@4.0.1 › swagger2openapi@6.2.3 › oas-validator@4.0.8 › ajv@5.5.2
Remediation: Upgrade to swagger2openapi@7.0.0.
```

Please help us resolve the vulnerability issue with the ajv package.
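
To check the "Detailed paths" line of the Snyk report against a local install, the following added example (not code from widdershins or Snyk) walks a tree shaped like the output of `npm ls --all --json` and lists every dependency path that ends at ajv@5.5.2. The sample tree is constructed: the widdershins chain copies the report above, while `my-app`, `other-tool` and its ajv version are hypothetical.

```javascript
// Added example: locate every dependency path that ends at a flagged package
// version in a tree shaped like `npm ls --all --json` output.

// Constructed sample tree. The widdershins chain copies the path in the Snyk
// report above; "my-app" and "other-tool" (with its ajv version) are made up.
const sampleTree = {
  name: "my-app",
  version: "1.0.0",
  dependencies: {
    widdershins: {
      version: "4.0.1",
      dependencies: {
        swagger2openapi: {
          version: "6.2.3",
          dependencies: {
            "oas-validator": {
              version: "4.0.8",
              dependencies: { ajv: { version: "5.5.2" } },
            },
          },
        },
      },
    },
    "other-tool": {
      version: "0.0.1",
      dependencies: { ajv: { version: "8.0.0" } },
    },
  },
};

// Depth-first walk; returns one array of "name@version" hops per match.
function findPaths(node, name, target, version, trail = []) {
  const here = [...trail, `${name}@${node.version}`];
  const hits = name === target && node.version === version ? [here] : [];
  for (const [depName, dep] of Object.entries(node.dependencies || {})) {
    // Skip entries without a version (for example unmet dependencies).
    if (dep && dep.version) hits.push(...findPaths(dep, depName, target, version, here));
  }
  return hits;
}

// Formats each matching path the way the Snyk report prints it.
function report(tree, target, version) {
  return findPaths(tree, tree.name, target, version).map((p) => p.join(" › "));
}

console.log(report(sampleTree, "ajv", "5.5.2"));
```

Against a real project, replace `sampleTree` with the parsed JSON from `npm ls --all --json`; the copy of ajv pulled in through `other-tool` is not reported because only the exact version named in the report is matched.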