[BUG] Vulnerability present in version of dot-prop used by npm
Closed this issue · 1 comments
cmdcarini commented
What / Why
The version of dot-prop
used by npm
has a security vulnerability. It must be updated to a version >= 5.1.1 to be resolved.
References
ljharb commented
Note that prototype pollution CVEs are almost exclusively a non-issue on 99% of projects, and I'm pretty sure npm is one of them.