Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update browserify due to CVE-2018-16472 in transitive dependency (cached-path-relative) #14

Closed
1 task done
dortegau opened this issue Nov 12, 2018 · 0 comments
Closed
1 task done

Update browserify due to CVE-2018-16472 in transitive dependency (cached-path-relative) #14

dortegau opened this issue Nov 12, 2018 · 0 comments
Assignees
@jnogol
Labels
bug

Comments

@dortegau
Copy link
Member

Prerequisites

Description

Fix https://nvd.nist.gov/vuln/detail/CVE-2018-16472 notified by GitHub (there is no potential security issues because is used by browserify, but it's a good moment to update) in cached-path-relative library

Versions

versions <= 1.0.6

Additional Information
@dortegau dortegau changed the title Update browserify due to CVE-2018-16472 in transitive dependency Update browserify due to CVE-2018-16472 in transitive dependency (cached-path-relative) Nov 12, 2018
@jnogol jnogol self-assigned this May 21, 2019
@jnogol jnogol added the bug label May 21, 2019
jnogol pushed a commit that referenced this issue May 21, 2019
#14 Add cached-path-relative dependency to avoid CVE-2018-16472
5b8ee90
This was referenced May 21, 2019
Merged
Merged
@jnogol jnogol closed this as completed May 24, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jnogol jnogol

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dortegau @jnogol