Skip to content
This repository has been archived by the owner on May 5, 2023. It is now read-only.

Vulnerability - Json Schema Prototype Pollution #5221

Closed
naveentej opened this issue Nov 30, 2021 · 2 comments
Closed

Vulnerability - Json Schema Prototype Pollution #5221

naveentej opened this issue Nov 30, 2021 · 2 comments
Assignees
@qiaozha

Comments

@naveentej
Copy link

https://snyk.io/vuln/SNYK-JS-JSONSCHEMA-1920922

Dependency chain => azure-common@0.9.26,request@2.88.2,http-signature@1.2.0,jsprim@1.4.1,json-schema@0.2.3

request is now deprecated and http-signature has an update that addresses this vulnerability (fixed by json schema @0.4.0)
@qiaozha qiaozha mentioned this issue Feb 11, 2022
Merged
@qiaozha
Copy link
Member

qiaozha commented Mar 8, 2022

close it as resolved with latest release. Thanks

@qiaozha qiaozha closed this as completed Mar 8, 2022
@rodrigorodriguez
Copy link

@qiaozha, same for ms-rest-azure > request@2.88.2: request has been deprecated, see request/request#3142. Would you update?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@qiaozha qiaozha

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@naveentej @rodrigorodriguez @qiaozha