## Overview

“The package `grpc` before 1.24.4 and the package `@grpc/grpc-js` before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition.”

## Recommendation

Upgrade to version 1.1.8 or later

## References

– [CVE](https://nvd.nist.gov/vuln/detail/CVE-2020-7768)
– [GitHub Advisory](https://github.com/advisories/GHSA-pp75-xfpw-37g9)Read More