elements icon indicating copy to clipboard operation
elements copied to clipboard

Published 20 hours ago verified publisher icon stoplightio

Vulnerability in dependency json-pointer

Open jschaefer77 opened this issue 2 years ago • 1 comments

Describe the bug

Our scanner found the following vulnerability for json-pointer dependency: https://nvd.nist.gov/vuln/detail/CVE-2021-23820 @stoplight/elements ->@stoplight/elements-core -> @stoplight/json-schema-sampler -> json-pointer

To Reproduce

  1. Given this OpenAPI document '...'
  2. Run this CLI command '....'
  3. See error

Expected behavior

A clear and concise description of what you expected to happen.

Additional context

Add any other context about the problem here.

Screenshots If applicable, add screenshots to help explain your problem.

Environment (remove any that are not applicable):

  • Library version: [e.g. 3.0.0] 7.5.13
  • OS: [e.g. Windows 7]
  • Browser: [e.g. Chrome 61]
  • Platform: [desktop or web]

jschaefer77 avatar Mar 07 '22 13:03 jschaefer77

Should be fixed by https://github.com/stoplightio/json-schema-sampler/issues/24

mnaumanali94 avatar Mar 10 '22 17:03 mnaumanali94