Vulnerability 1012 - Need new release
See original GitHub issueHey,
There is currently a security vulnerability in your released package 4.1.0 https://www.npmjs.com/advisories/1012
It is due to the version of braces
being used, however it looks like that’s been fixed in master. Will there be a release any time soon?
Issue Analytics
- State:
- Created 4 years ago
- Reactions:1
- Comments:6 (2 by maintainers)
Top Results From Across the Web
CVE-2022-1012 - Red Hat Customer Portal
Why is my security scanner reporting my product as vulnerable to this vulnerability even though my product version is fixed or not affected?...
Read more >CVE-2022-1012 Detail - NVD
CWE-401, Missing Release of Memory after Effective Lifetime, cwe source acceptance level NIST Provider acceptance level Red Hat, Inc.
Read more >Red Hat: CVE-2022-1012: Important: kpatch-patch security ...
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what...
Read more >CVE-2021-1012
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.
Read more >Security Bulletins | Customer Care - Google Cloud
Two new vulnerabilities (CVE-2022-2585 and CVE-2022-2588) have been discovered in the Linux kernel that can lead to a full container break out to...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
Please don’t open issues about these vulnerabilities. We already get tons of notifications and annoying panels in the UI.
If this is important to you, send a PR to fix it.
Hi, I’m getting 110 high severity vulnerabilities in an Angular project, all related to set-value package. Message below:
High: Prototype Pollution
Package: set-value
Patched in >=3.0.1
Dependency of karma [dev]
Path: karma > chokidar > readdirp > micromatch > snapdragon > base > cache-base > union-value > set-value More info: https://npmjs.com/advisories/1012