Skip to content

Request node-forge version up #138

New issue
New issue
Open
Open
Request node-forge version up#138
@gaiuszzang

Description

@gaiuszzang
gaiuszzang
opened on Sep 25, 2021

Hello, I got the github issue report that node-forge in adbkit needs to version up due to follow.

CVE-2020-7720
Vulnerable versions: < 0.10.0
Patched version: 0.10.0
The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function. Note: Version 0.10.0 is a breaking change removing the vulnerable functions.

Please update the node-forge version 0.10.0 or later.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions