|
"@apollo/protobufjs": "1.2.7" |
A security vulnerability has been identified in the current version of @apollo/protobufjs used by this library. Currently, the project depends on v1.2.7, which has been flagged by Snyk for security risks.
Details
Vulnerable Package: @apollo/protobufjs
Current Version: 1.2.7
Fixed Version: 1.2.8
Security Tool: Snyk
Reason for Upgrade
The upgrade to v1.2.8 contains critical security patches that resolve known vulnerabilities in the protobuf parser/generator. Upgrading will ensure the library remains compliant with security best practices and protects downstream users from potential exploits.
apollo-server/packages/usage-reporting-protobuf/package.json
Line 47 in 5bf001c
A security vulnerability has been identified in the current version of @apollo/protobufjs used by this library. Currently, the project depends on v1.2.7, which has been flagged by Snyk for security risks.
Details
Vulnerable Package: @apollo/protobufjs
Current Version: 1.2.7
Fixed Version: 1.2.8
Security Tool: Snyk
Reason for Upgrade
The upgrade to v1.2.8 contains critical security patches that resolve known vulnerabilities in the protobuf parser/generator. Upgrading will ensure the library remains compliant with security best practices and protects downstream users from potential exploits.