[Snyk: High]: json-schema prototype pollution (due 02/03/2022)

[pkfec]

Overview

Affected versions of this package are vulnerable to Prototype Pollution via the validate function, which when given a special payload will pollute Object with undesired attributes.

https://security.snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922

Detailed path:

Introduced through [email protected]

• Introduced through: [email protected] › [email protected] › [email protected] › [email protected] › [email protected] › [email protected]

  Fix: Your dependencies are out of date, otherwise you would be using a newer json-schema than [email protected]. Try relocking your lockfile or deleting node_modules, reinstalling and running snyk wizard. If the problem persists, one of your dependencies may be bundling outdated modules.

• Introduced through: [email protected] › [email protected] › [email protected] › [email protected] › [email protected] › [email protected] › [email protected]

• Fix: Your dependencies are out of date, otherwise you would be using a newer json-schema than [email protected]. Try relocking your lockfile or deleting node_modules, reinstalling and running snyk wizard. If the problem persists, one of your dependencies may be bundling outdated modules.

Remediation:

Fixed in [email protected].

Completion criteria:

• Fix: Your dependencies are out of date, otherwise you would be using a newer json-schema.Try relocking your lockfile or deleting node_modules, reinstalling and running snyk wizard. If the problem persists, one of your dependencies may be bundling outdated modules.

Once we upgrade to [email protected] this should be resolved.