Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[TASK] Investigate CVE's impact on the plugin #380

Closed
jovancacvetkovic opened this issue Jan 23, 2023 · 3 comments
Closed

[TASK] Investigate CVE's impact on the plugin #380

jovancacvetkovic opened this issue Jan 23, 2023 · 3 comments
Labels
enhancement New feature or request untriaged

Comments

@jovancacvetkovic
Copy link
Contributor

jovancacvetkovic commented Jan 23, 2023
edited

Is your feature request related to a problem?
Some packages can introduce security vulnerabilities.

Task
Investigate these CVEs:

Verify the below CVEs have the updated version bumps:

What solution would you like?
Update the package version if needed.
@jovancacvetkovic jovancacvetkovic added enhancement New feature or request untriaged labels Jan 23, 2023
@jovancacvetkovic
Copy link
Contributor Author

CVE-2022-46175 should be fixed with CVE-2022-46175 (High) detected in json5-1.0.1 #3305

@jovancacvetkovic
Copy link
Contributor Author

CVE-2022-37603 should be fixed with:

@jovancacvetkovic
Copy link
Contributor Author

CVE-2020-36604 is already up to date.
The affected versions are from (including) 9.0 - up to 9.0.3 (excluding).
The currently installed version is: hapi/hoek - 9.2.1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request untriaged
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jovancacvetkovic @praveensameneni