Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Uses a vulnerable version of googleapis #3

Closed
aidanlane opened this issue Aug 14, 2019 · 2 comments
Closed

Uses a vulnerable version of googleapis #3

aidanlane opened this issue Aug 14, 2019 · 2 comments

Comments

@aidanlane
Copy link

From https://www.npmjs.com/advisories/791

Overview

Versions of googleapis prior to 38.0.0 are vulnerable to Improper Authorization. Setting credentials to one client may apply to all clients which may cause requests to be sent with the incorrect credentials.

Remediation

Upgrade to version 38.0.0.

Resources

(GitHub Issue)[https://github.com/googleapis/google-api-nodejs-client/issues/1594]
@levz0r levz0r closed this as completed in f91f2f4 Aug 14, 2019
@aidanlane
Copy link
Author

Wow, that was a super quick response- MIND. BLOWN! Thank you!!

@aidanlane aidanlane changed the title Uses a vunuerable version of googleapis Uses a vulnerable version of googleapis Aug 14, 2019
@levz0r
Copy link
Owner

levz0r commented Aug 14, 2019

Thanks for reporting @aidanlane!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aidanlane @levz0r