-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security vulnerability in dependency glob-parent@5.1.2 #376
Comments
Thank you @pgillislb is there anyway I can help to fasttrack this? This issue is blocker for our release too. |
Hi @nutkur I'm not sure. I see you commented on the related PR as well. I'm not sure what the process is to get the PR merged. |
Thank you for your fast response. Let's wait for the author to reply on the PR. In the mean while if you figure out another way navigate this security issue, please let me know! |
Same issue here, please let me know if you have a solution! |
This is not a problem of this package or its dependencies. This is the problem of yet another vulnerability scanner and its knowledge base. #367 (comment) Related issues: This dependency will be updated in the next major version of the package (#371). |
The following vulnerability is being reported when building our NodeJs apps that depend on this library:
https://nvd.nist.gov/vuln/detail/CVE-2021-35065
The issue is resolved in glob-parent@6.0.1
I will attempt to put up a PR for the resolution of this issue.
The text was updated successfully, but these errors were encountered: