Vulnerability with [email protected] #594

amansanghvi · 2022-08-24T01:02:46Z

SDK you're using (please complete the following information):

Version [4.19.1, 4.23.0]

Describe the bug
Snyk on our system shows a "high" ranked vulnerability:

[email protected] › [email protected] › [email protected] › [email protected] › [email protected]

as this may pollute the global prototype via the validate function.

This is fixed in [email protected].

Automated advice from Snyk is:

Your dependencies are out of date, otherwise you would be using a newer json-schema than [email protected]. Try relocking your lockfile or deleting node_modules. If the problem persists, one of your dependencies may be bundling outdated modules.

The text was updated successfully, but these errors were encountered:

tnzzz · 2022-09-07T22:57:09Z

Hi @amansanghvi 👋 I've just started looking into this issue, and believe it is related to #579 and the deprecated request library.

sangeet-joy-tw · 2024-02-07T06:19:30Z

We have updated the required packages in our new version. npm audit report is clean now.

Please use version v5.0.1

let us know with any further issues on this ticket. @amansanghvi @tnzzz

sangeet-joy-tw · 2024-02-08T13:10:05Z

Please use version v5.0.1

sangeet-joy-tw self-assigned this Feb 8, 2024

sangeet-joy-tw closed this as completed Feb 8, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Vulnerability with [email protected] #594

Vulnerability with [email protected] #594

amansanghvi commented Aug 24, 2022

tnzzz commented Sep 7, 2022

sangeet-joy-tw commented Feb 7, 2024

sangeet-joy-tw commented Feb 8, 2024

Vulnerability with [email protected] #594

Vulnerability with [email protected] #594

Comments

amansanghvi commented Aug 24, 2022

tnzzz commented Sep 7, 2022

sangeet-joy-tw commented Feb 7, 2024

sangeet-joy-tw commented Feb 8, 2024