Open s100 opened 3 years ago
appmetrics depends on jszip@2.5.x, which has this prototype pollution vulnerability in it. Suggested remediation is to upgrade to jszip@3.7.0 or later.
appmetrics
jszip@2.5.x
jszip@3.7.0
Here is the upgrade guide for upgrading from jszip 2 to 3.
jszip
appmetrics
depends onjszip@2.5.x
, which has this prototype pollution vulnerability in it. Suggested remediation is to upgrade tojszip@3.7.0
or later.Here is the upgrade guide for upgrading from
jszip
2 to 3.