grantila / suretype

Typesafe JSON (Schema) validator

Prototype Pollution in node-jsonpointer #30

Closed Magnielcz closed 1 year ago

Magnielcz commented 2 years ago

Please upgrade dependency awesome-ajv-errors to version 5.0.0 to avoid this vulnerability.

Prototype Pollution in node-jsonpointer - https://github.com/advisories/GHSA-282f-qqgm-c34q

Will install typeconv@1.2.0, which is a breaking change
node_modules/jsonpointer
  awesome-ajv-errors <=2.0.0
  Depends on vulnerable versions of jsonpointer
  node_modules/awesome-ajv-errors
    suretype <=2.4.1
    Depends on vulnerable versions of awesome-ajv-errors
    node_modules/suretype

grantila commented 1 year ago

Thanks! This should be fixed in 3.1.0.