We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Hi, @dmfrancisco, I have reported a vulnerability issue in package google-p12-pem.
As far as I am aware, vulnerability(high severity) CVE-2020-7720 detected in package node-forge(<0.10.0) is directly referenced by [email protected], on which your package [email protected] transitively depends. As such, this vulnerability can also affect [email protected] via the following path: [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerable version)
[email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerable version)
Since google-p12-pem has released a new patched version [email protected] to resolve this issue ([email protected] ➔ [email protected](fix version)), then this vulnerability patch can be automatically propagated into your project only if you update your package-lock.json file (delete package-lock.json and re-execute npm install command): [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerability fix version).
[email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerability fix version)
A warm tip.^_^ Best regards, Paimon
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hi, @dmfrancisco, I have reported a vulnerability issue in package google-p12-pem.
As far as I am aware, vulnerability(high severity) CVE-2020-7720 detected in package node-forge(<0.10.0) is directly referenced by [email protected], on which your package [email protected] transitively depends. As such, this vulnerability can also affect [email protected] via the following path:
[email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerable version)
Since google-p12-pem has released a new patched version [email protected] to resolve this issue ([email protected] ➔ [email protected](fix version)), then this vulnerability patch can be automatically propagated into your project only if you update your package-lock.json file (delete package-lock.json and re-execute npm install command):
[email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected] ➔ [email protected](vulnerability fix version)
.A warm tip.^_^
Best regards,
Paimon
The text was updated successfully, but these errors were encountered: