Skip to content
This repository has been archived by the owner on Mar 23, 2023. It is now read-only.

CVE-2020-7733 vulnerability by linking to an older fbjs version #505

Closed
tjercus opened this issue Sep 24, 2020 · 2 comments
Closed

CVE-2020-7733 vulnerability by linking to an older fbjs version #505

tjercus opened this issue Sep 24, 2020 · 2 comments

Comments

@tjercus
Copy link

tjercus commented Sep 24, 2020

For details see https://www.tenable.com/cve/CVE-2020-7733.
The fix would be to upgrade the dependency fbjs to the latest version. That version is not vulnerable.
@TomBrien
Copy link

TomBrien commented Oct 5, 2020

Also found this package as the root cause of a vulnerability to CVE-2020-15168 which would be solved by bumping fbjs

@dschaller
Copy link
Contributor

Fixed in #507

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dschaller @yangshun @tjercus @TomBrien