Synk report showing hosted-git-info version vulnerability #21

victorperin · 2021-03-27T06:46:46Z

Hello @sindresorhus, got a package vulnerability using hosted-git-info for versions lower than 3.0.8. We need to update.

This influence your package meow, since it has those dependencies:

meow@9.0.0 › read-pkg-up@7.0.1 › read-pkg@5.2.0 › normalize-package-data@2.5.0 › hosted-git-info@2.8.8

Synk report: https://snyk.io/vuln/SNYK-JS-HOSTEDGITINFO-1088355

The text was updated successfully, but these errors were encountered:

victorperin changed the title ~~Sync report showing hosted-git-info version vulnerability~~ Synk report showing hosted-git-info version vulnerability Mar 27, 2021

victorperin mentioned this issue Mar 27, 2021

Fix Synk report on normalize-package-data package #22

Closed

sindresorhus closed this as completed in 2088095 Mar 28, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Synk report showing hosted-git-info version vulnerability #21

Synk report showing hosted-git-info version vulnerability #21

victorperin commented Mar 27, 2021 •

edited

Synk report showing hosted-git-info version vulnerability #21

Synk report showing hosted-git-info version vulnerability #21

Comments

victorperin commented Mar 27, 2021 • edited

victorperin commented Mar 27, 2021 •

edited