Security overview · mozilla/node-convict · GitHub

Security

No security policy detected

This project has not set up a SECURITY.md file yet.

Report a vulnerability

Prototype pollution in convict via load(), loadFile(), and schema initialization
GHSA-hf2r-9gf9-rwch published Mar 24, 2026 by toufali

High
Prototype pollution in convict@6.2.4
GHSA-44fc-8fm5-q62h published Mar 24, 2026 by toufali

Critical
Prototype Pollution in convict
GHSA-4jrm-c32x-w4jf published Jan 9, 2023 by clouserw

High
Prototype Pollution in convict
GHSA-x2w5-725j-gf2g published Apr 20, 2022 by clouserw

High

Learn more about advisories related to mozilla/node-convict in the GitHub Advisory Database