krg7880 / json-schema-generator

Generates draft v4 schema from a local file or a remote JSON url.
MIT License

Update request -> extend #27

Closed Amir-61 closed 5 years ago

Amir-61 commented 5 years ago

Prototype Pollution security issue

High severity vulnerability found in extend
Description: Prototype Pollution
Introduced through: json-schema-generator@2.0.6
From: json-schema-generator@2.0.6 > request@2.83.0 > extend@3.0.1

The solution is to use the right version of request, which does not use extend@3.0.1; if the latest version of request still has that issue, then request needs to fix that by using the latest version of extend, where they fix this issue.

Amir-61 commented 5 years ago

The issue got resolved in the latest version.
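
To confirm in your own project whether a flagged transitive dependency such as the `extend@3.0.1` chain reported above is still installed, the following added example (not part of the original thread and not the project's code) walks a dependency tree in the shape `npm ls --json` prints and lists every path to a given package version. The sample tree is constructed, and `my-app` and `other-lib` are hypothetical names.

```javascript
'use strict';

// Constructed sample in the shape of `npm ls --json` output. It mirrors the
// chain reported in the issue; "my-app" and "other-lib" are hypothetical.
const sampleTree = {
  name: 'my-app',
  version: '1.0.0',
  dependencies: {
    'json-schema-generator': {
      version: '2.0.6',
      dependencies: {
        request: { version: '2.83.0', dependencies: { extend: { version: '3.0.1' } } },
      },
    },
    'other-lib': { version: '1.0.0', dependencies: { extend: { version: '3.0.2' } } },
  },
};

// Return every "a@x > b@y > target@version" path that ends at the flagged package.
function findDependencyPaths(tree, targetName, targetVersion) {
  const hits = [];
  const walk = (deps, trail) => {
    for (const [name, node] of Object.entries(deps || {})) {
      if (!node || typeof node !== 'object') continue; // skip malformed entries
      const here = trail.concat(`${name}@${node.version}`);
      if (name === targetName && node.version === targetVersion) {
        hits.push(here.join(' > '));
      }
      walk(node.dependencies, here); // nested copies can appear at any depth
    }
  };
  walk(tree.dependencies, []);
  return hits;
}

// The direct dependencies responsible for the flagged copies: these are the
// packages to upgrade or to raise an issue against.
function directParents(paths) {
  return [...new Set(paths.map((p) => p.split(' > ')[0]))];
}

const paths = findDependencyPaths(sampleTree, 'extend', '3.0.1');
console.log(paths.length ? paths.join('\n') : 'flagged version not installed');
console.log('introduced through:', directParents(paths).join(', ') || 'none');
```

An empty result after upgrading means no installed copy of the flagged version remains anywhere in the tree.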