You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As far as I am aware, vulnerability CVE-2020-26289 detected in package date-and-time<0.14.2 is directly referenced by @google-cloud/storage@4.7.0, on which your package nsfw-api@1.0.58 transitively depends. As such, this vulnerability can also affect nsfw-api@1.0.58 via the following path: nsfw-api@1.0.58 ➔ firebase-admin@8.13.0 ➔ @google-cloud/storage@4.7.0 ➔ date-and-time@0.13.1(vulnerable version)
Since @google-cloud/storage has released a new patched version @google-cloud/storage@4.7.2 to resolve this issue (@google-cloud/storage@4.7.2 ➔ date-and-time@0.14.2(fix version)), then this vulnerability patch can be automatically propagated into your project only if you update your lockfile. The following is your new dependency path : nsfw-api@1.0.58 ➔ firebase-admin@8.13.0 ➔ @google-cloud/storage@4.7.2 ➔ date-and-time@0.14.2(vulnerability fix version).
A warm tip.^_^
The text was updated successfully, but these errors were encountered:
Am 22.08.2021 um 15:51 schrieb paimon0715 ***@***.***>:
Hi, @NilsBaumgartner1994, I have reported a vulnerability in package @google-cloud/storage.
As far as I am aware, vulnerability CVE-2020-26289 detected in package date-and-time<0.14.2 is directly referenced by @***@***.***, on which your package ***@***.*** transitively depends. As such, this vulnerability can also affect ***@***.*** via the following path:
***@***.*** ➔ ***@***.*** ➔ @***@***.*** ➔ ***@***.***(vulnerable version)
Since @google-cloud/storage has released a new patched version @***@***.*** to resolve this issue ***@***.******@***.*** ➔ ***@***.***(fix version)), then this vulnerability patch can be automatically propagated into your project only if you update your lockfile. The following is your new dependency path :
***@***.*** ➔ ***@***.*** ➔ @***@***.*** ➔ ***@***.***(vulnerability fix version).
A warm tip.^_^
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or unsubscribe.
Hi, @NilsBaumgartner1994, I have reported a vulnerability in package @google-cloud/storage.
As far as I am aware, vulnerability CVE-2020-26289 detected in package date-and-time<0.14.2 is directly referenced by @google-cloud/storage@4.7.0, on which your package nsfw-api@1.0.58 transitively depends. As such, this vulnerability can also affect nsfw-api@1.0.58 via the following path:
nsfw-api@1.0.58 ➔ firebase-admin@8.13.0 ➔ @google-cloud/storage@4.7.0 ➔ date-and-time@0.13.1(vulnerable version)
Since @google-cloud/storage has released a new patched version @google-cloud/storage@4.7.2 to resolve this issue (@google-cloud/storage@4.7.2 ➔ date-and-time@0.14.2(fix version)), then this vulnerability patch can be automatically propagated into your project only if you update your lockfile. The following is your new dependency path :
nsfw-api@1.0.58 ➔ firebase-admin@8.13.0 ➔ @google-cloud/storage@4.7.2 ➔ date-and-time@0.14.2(vulnerability fix version)
.A warm tip.^_^
The text was updated successfully, but these errors were encountered: