Critical vulnerability in simple-plist package (Prototype Pollution using .parse())
Sujay-shetty opened this issue · 1 comments
Sujay-shetty commented
Hi,
There is a critical vulnerability found in plist which is used in simple-plist. According to below commit this has been fixed in plist and simple-plist.
Could you please update simple-plist package to 1.3.1 version
Thanks,
Sujay
breautek commented
You should be able to reinstall or run npm update
to have the dependency patched in.