Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

High Severity: Prototype Pollution in vulnerable module shvl@2.0.1 #34

Closed
andrew-itscript opened this issue Jan 11, 2021 · 1 comment
Closed

High Severity: Prototype Pollution in vulnerable module shvl@2.0.1 #34

andrew-itscript opened this issue Jan 11, 2021 · 1 comment

Comments

@andrew-itscript
Copy link

  • shvl version: 2.0.1
  • node version: 12.6.1
  • npm (or yarn) version: 6.13.4

Problem description:
Snyk reported recently about High Severity: Prototype Pollution in vulnerable module shvl@2.0.1 . The vuex-persistedstate project depends on shvl and therefore became listed as vulnerable primary dependency in our production project.
https://snyk.io/test/npm/shvl/2.0.1

Could you have a look and provide fix please?
@robinvdvleuten
Copy link
Owner

I probably can, but what should be the fix?

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@robinvdvleuten @andrew-itscript