Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Vulnerability prototype pollution through har-validator

See original GitHub issue

Summary

✗ Prototype Pollution [High Severity][https://snyk.io/vuln/SNYK-JS-AJV-584908] in ajv@6.12.0 introduced by request@2.88.2 > har-validator@5.1.3 > ajv@6.12.0 This issue was fixed in versions: 6.12.3

Solution

yarn upgrade har-validator => then new release 2.88.3 please

Issue Analytics

State:
Created 3 years ago
Comments:5

Top GitHub Comments

4reactions

SigurdMWcommented, Aug 6, 2020

👍

2reactions

TheJavaGuycommented, Oct 4, 2020

This is implemented in request-master.

Top Results From Across the Web

What is prototype pollution? | Tutorial & examples - Snyk Learn

Prototype pollution can be complex, so we will walk through it in three steps. You will use prototype pollution to compromise a vulnerable...

npm install issue : 27 vulnerabilities (16 moderate, 9 high, 2 ...

27 vulnerabilities (16 moderate, 9 high, 2 critical) To address all issues (including breaking changes), run: npm audit fix --force Run `npm ...

Compare Versions | @likone/library | npm

GHSA-hrpp-h998-j3ppqs vulnerable to Prototype Pollution ... GHSA-jmqm-f2gx-4fjvSensitive information exposure through logs in ... har-validator 5.1.5.

Deprecated packages and vulnerabilities in Hybrid app

Since the hybrid-app-template is supported by Mendix, ... As for the security vulnerabilities, they all relate to either phonegap or webpack ...

6 high severity vulnerabilities to address all issues ... - You.com

npm WARN using --force Recommended protections disabled. npm WARN audit Updating ... node_modules/cssnano merge <2.1.1 Severity: high Prototype Pollution in ...