Prototype pollution vulnerability in `jszip@2.5.x`

`appmetrics` [depends on](https://github.com/RuntimeTools/appmetrics/blob/4862e6882e85b63ea22c55cb4b273f17ef4820cb/package.json#L13) `jszip@2.5.x`, which has [this](https://www.npmjs.com/advisories/1774) prototype pollution vulnerability in it. Suggested remediation is to upgrade to `jszip@3.7.0` or later.

[Here is the upgrade guide](https://stuk.github.io/jszip/documentation/upgrade_guide.html) for upgrading from `jszip` 2 to 3.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Prototype pollution vulnerability in `[email protected]` #655

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Prototype pollution vulnerability in [email protected] #655

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

Prototype pollution vulnerability in `[email protected]` #655