You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
nodejs/node@051154e addresses CVE-2020-8287 in node, but this package still seems to generate a vulnerable version. Where can this be fixed? Is manually patching the generated .c file the only way to do this for now?
The text was updated successfully, but these errors were encountered:
Thank you so much for reporting this. The patch was in a lengthy review process and didn't land in this repo in the end. I've released v3.0.1 and v4.0.0 with this fix.
nodejs/node@051154e addresses CVE-2020-8287 in node, but this package still seems to generate a vulnerable version. Where can this be fixed? Is manually patching the generated .c file the only way to do this for now?
The text was updated successfully, but these errors were encountered: