Found CVE-2022-29622 in one of your dependent library- superagent

[Dipenduroy]

No description provided.

[titanism]

Please file a request or submit a PR in formidable for the vulnerability fix to be backported to v2.x tag of formidable, the non-ESM version, as it should be backported for community CJS support.

Ref:

• node-formidable/formidable@81dd350
• [Snyk] Security upgrade formidable from 2.0.1 to 3.2.4 superagent#1724
• Found CVE-2022-29622 in one of your dependent library- superagent #780
• Arbitrary File Upload in formidable versions <3.2.4 superagent#1725

[YolandaZhang369369]

Hello, we found an security issue CVE-2022-29622 which is blocking our product release, could you please provide an updated version superagent which will support formidable - 3.2.4 ?
Thanks a lot!

[YolandaZhang369369]

Hello, we found an security issue CVE-2022-29622 which is blocking our product release, could you please provide an updated version superagent which will support formidable - 3.2.4 ?
Thanks a lot!

[YolandaZhang369369]

@titanism , could you please take a review of our urgent request above and share your fixing plan? Thanks!

[titanism]

This is not an issue. If you read the CVE you will see that they lowered the severity and it's a non-issue. Please stop opening issues and spamming.