Vulnerability	Vulnerable Version
H Prototype Pollution @conform-to/zod is a Conform helpers for integrating with Zod Affected versions of this package are vulnerable to Prototype Pollution due to an improper implementation of the feature that parses nested objects in the form of `object.property`. An attacker can exploit this feature to manipulate the prototype of the target object by passing specially crafted input to the `parseWith` functions. Note This issue affects applications utilizing the library for server-side validation of form data or URL parameters. How to fix Prototype Pollution? Upgrade `@conform-to/zod` to version 0.9.2, 1.1.1 or higher.	<0.9.2>=1.0.0 <1.1.1

Prototype Pollution

@conform-to/zod is a Conform helpers for integrating with Zod

Affected versions of this package are vulnerable to Prototype Pollution due to an improper implementation of the feature that parses nested objects in the form of object.property. An attacker can exploit this feature to manipulate the prototype of the target object by passing specially crafted input to the parseWith functions.

Note

This issue affects applications utilizing the library for server-side validation of form data or URL parameters.

How to fix Prototype Pollution?

Upgrade @conform-to/zod to version 0.9.2, 1.1.1 or higher.

<0.9.2>=1.0.0 <1.1.1

Go back to all versions of this package