search

awslabs / kinesis-aggregation

AWS libraries/modules for working with Kinesis aggregated record data
Apache License 2.0
378 stars 153 forks source link

protobufjs Prototype Pollution vulnerability #185

Open cleversonferreira opened 6 months ago

cleversonferreira commented 6 months ago

Any plans for merging this pull request?

cleversonferreira commented 6 months ago

While this PR is not accepted, you can fix this vulnerability by implementing this code in your package.json

"overrides": {
  "aws-kinesis-agg": {
    "protobufjs@7.2.4": "7.2.5"
  }
}
mdbouchard commented 2 months ago

Appreciate the suggestion! 🙌