Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Meta] Current CVE-2018-19183 / GitHub Security Warning is a non-issue #395

Closed
holgerd77 opened this issue Nov 22, 2018 · 1 comment
Closed

[Meta] Current CVE-2018-19183 / GitHub Security Warning is a non-issue #395

holgerd77 opened this issue Nov 22, 2018 · 1 comment
Labels
package: vm prio: P2 very important type: security

Comments

@holgerd77
Copy link
Member

For information: GitHub is currently giving a security alert on version v2.4.0 of the library. This was triggered by a CVE-2018-19183 (Common Vulnerabilities and Exposures] filed on the NVD (US National Vulnerability Database).

The CVE is based on this issue #386 open on the library. After first analysis we can very safely say that this is a non-issue and you can safely ignore the warning.

Side note: if you are from NIST or GitHub Security team and have further questions, please get in touch!
@s1na
Copy link
Contributor

s1na commented Mar 13, 2019

Closing this since it's a non-issue :) feel free to open it again if something comes up.

@s1na s1na closed this as completed Mar 13, 2019
@levpachmanov levpachmanov mentioned this issue Jan 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
package: vm prio: P2 very important type: security
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@evertonfraga @holgerd77 @s1na