Prototype Pollution
Discription
## Overview
“The package `grpc` before 1.24.4 and the package `@grpc/grpc-js` before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.”
## Recommendation
Upgrade to version 1.1.8 or later
## References
– [CVE](https://nvd.nist.gov/vuln/detail/CVE-2020-7768)
– [GitHub Advisory](https://github.com/advisories/GHSA-pp75-xfpw-37g9)Read More
References
Back to Main