[BUG] Upgrade transitive dependency "[email protected]" to fix CVE-2021-23362 #53

bhamail · 2021-03-30T15:15:46Z

What / Why

While scanning my project with auditjs, I discovered read-installed has a transitive dependency on [email protected] which has vulnerability CVE-2021-23362.

$ npm ls hosted-git-info
  [email protected] /Users/bhamail/sonatype/community/auditjs/auditjs
  └─┬ [email protected]
    └─┬ [email protected]
      └─┬ [email protected]
        └── [email protected]

The text was updated successfully, but these errors were encountered:

bhamail mentioned this issue Apr 7, 2021

Update read-package-json, setup GitHub action #54

Open

dae referenced this issue in ankitects/anki May 7, 2021

update license checker for security issue in dependency

83850a1

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[BUG] Upgrade transitive dependency "[email protected]" to fix CVE-2021-23362 #53

[BUG] Upgrade transitive dependency "[email protected]" to fix CVE-2021-23362 #53

bhamail commented Mar 30, 2021 •

edited

Loading

[BUG] Upgrade transitive dependency "[email protected]" to fix CVE-2021-23362 #53

[BUG] Upgrade transitive dependency "[email protected]" to fix CVE-2021-23362 #53

Comments

bhamail commented Mar 30, 2021 • edited Loading

What / Why

bhamail commented Mar 30, 2021 •

edited

Loading