Vulnerability in validator package

[TheBrockEllis]

Running NPM audit reveals that the validator package that is used by z-schema, which is a dependency of swagger-tools, has a moderate vulnerability.

Link to the z-schema Github issue

Link to the NPM advisory

Is there any chance that this package will eventually be updated when the other upstream packages get patched?

[Nigrimmist]

The same issue

[TheBrockEllis]

The z-schema package updated the issue 12 days ago with a fix for the discovered vulnerability. Any ETA for a new release of swagger-tools that would include updated dependencies?

[piyushhajare]

We are having same issue with this. Z-schema has also updated the vulnerable package, can someone let us know the ETA for a new release of swagger-tools with updated version of z-schema?

[hrgondaliya]

We are having the same issue with this. The z-schema package updated the issue 12 days ago with a fix for the discovered vulnerability. Any ETA for a new release of swagger-tools?

[hrgondaliya]

Anyone can help with an alternative package for "swagger-tools" which does not have this vulnerability?

[amaciejk]

Also watching