zod vulnerabilities

TypeScript-first schema declaration and validation library with static type inference

latest version

4.1.9

latest non vulnerable version

4.2.0-canary.20250911T052041

first published

5 years ago

latest version published

7 hours ago

licenses detected

MIT
>=0

View zod package health on Snyk Advisor (opens in a new tab)

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the zod package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Vulnerability	Vulnerable Version
H Regular Expression Denial of Service (ReDoS)	<3.22.3

Package versions

776 VERSIONS IN TOTAL See all versions

version	published	direct vulnerabilities
4.2.0-canary.20250911T052041	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T051520	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T051312	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T045937	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T045735	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T045022	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T044631	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T044505	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250911T000242	11 Sep, 2025	0 C 0 H 0 M 0 L
4.2.0-canary.20250828T181323	28 Aug, 2025	0 C 0 H 0 M 0 L