Skip to content

xml2js vulnerability fix #179

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 3, 2023
Merged

xml2js vulnerability fix #179

merged 1 commit into from
Nov 3, 2023

Conversation

max-ostapenko
Copy link
Contributor

Fix for a dependency vulnerability

# npm audit report

xml2js  <0.5.0
Severity: moderate
xml2js is vulnerable to prototype pollution - https://github.com/advisories/GHSA-776f-qx25-q3cc

@mjkozicki mjkozicki added the bug label Oct 25, 2023
@mjkozicki mjkozicki self-assigned this Oct 25, 2023
@mjkozicki mjkozicki merged commit f1531de into catchpoint:master Nov 3, 2023
@max-ostapenko max-ostapenko deleted the obnoxious-kangaroo branch June 28, 2024 19:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lbartoli79 lbartoli79 lbartoli79 approved these changes

Assignees

@mjkozicki mjkozicki

Labels

bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@max-ostapenko @lbartoli79 @mjkozicki