robinvdvleuten/vuex-persistedstate

High Severity: Prototype Pollution vulnerability in module shvl

prasunk96 opened this issue · 0 comments

  • vuex-persistedstate version: 2.2.0 and all the versions released after that
  • node version: 12.13.0
  • npm (or yarn) version: 6.14.7

Problem description:
Snyk had reported High Severity: Prototype Pollution for all the shvl versions released before shvl@2.0.3. The vuex-persistedstate project depends on shvl and therefore became listed as a vulnerable primary dependency in our production project which uses vuex-persistedstate@2.5.4, vue@2.6.10 and vuex@3.1.0. Please check below:
https://snyk.io/vuln/npm:shvl

Suggested solution:
The recommended version of shvl that has the fix for High Severity: Prototype Pollution is shvl@2.0.3
https://snyk.io/test/npm/shvl/2.0.3