You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
The json-schema npm dependency in package.json is outdated and vulnerable to attacks. Updating to version >=0.4.0 should fix the problem.
To Reproduce
Steps to reproduce the behavior:
Run npm audit
Find the following:
json-schema <0.4.0
Severity: moderate
json-schema is vulnerable to Prototype Pollution - https://github.com/advisories/GHSA-896r-f27r-55mw
No fix available
node_modules/@xops.net/json-schema-to-react-tree/node_modules/json-schema
@xops.net/json-schema-to-react-tree *
Depends on vulnerable versions of json-schema
node_modules/@xops.net/json-schema-to-react-tree
Expected behavior
Running npm audit should not include any warnings about the json-schema package
Describe the bug
The
json-schemanpm dependency inpackage.jsonis outdated and vulnerable to attacks. Updating to version >=0.4.0 should fix the problem.To Reproduce
Steps to reproduce the behavior:
npm auditExpected behavior
Running
npm auditshould not include any warnings about thejson-schemapackageAdditional context
See GHSA-896r-f27r-55mw to read about the vuln.
This should be as easy as running
npm install [email protected]to fix.This will also fix the same vulnerability that exists in https://github.com/open-rpc/docs-react due to this package being a dependency.
The text was updated successfully, but these errors were encountered: