Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[SECURITY] Security issues with package dependencies #452

Closed
Ziocash opened this issue Jul 28, 2023 · 3 comments · Fixed by #450
Closed

[SECURITY] Security issues with package dependencies #452

Ziocash opened this issue Jul 28, 2023 · 3 comments · Fixed by #450

Comments

@Ziocash
Copy link
Contributor

Ziocash commented Jul 28, 2023
edited
Loading

Potential vulnerability found in protobufjs

Dependency name Severity Affected versions Earliest fixed version
protobufjs@^6.8.8 (via [email protected])
protobufjs@^6.11.3 		High >= 7.0.0, < 7.2.4
>= 6.10.0, < 6.11.4 		7.2.4
6.11.4

Reported as CVE-2023-36665 "protobufjs Prototype Pollution vulnerability"
@DoctorMcKay
Copy link
Owner

This will be addressed in #450.

@DoctorMcKay DoctorMcKay linked a pull request Jul 28, 2023 that will close this issue
v5 #450
Merged
7 tasks
@Ziocash
Copy link
Contributor Author

Ziocash commented Jul 30, 2023

@DoctorMcKay let me know if you eventually need further information about or if I can contribute to fix this issue

@Ziocash
Copy link
Contributor Author

Ziocash commented Aug 16, 2023

Update on GitHub advisories
GHSA-h755-8qp9-cq85

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

v5 DoctorMcKay/node-steam-user
2 participants
@DoctorMcKay @Ziocash