You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
searched for such a feature request (
enhancement
) and found none
I think the library needs to upgrade its dependency that dependent to tough-cookie@2.5.0. Since tough-cookie@2.5.0 has vulnerability issue (https://avd.aquasec.com/nvd/cve-2023-26136), it needs to be updated to tough-cookie@4.0.0.
I have:
I think the library needs to upgrade its dependency that dependent to tough-cookie@2.5.0. Since tough-cookie@2.5.0 has vulnerability issue (https://avd.aquasec.com/nvd/cve-2023-26136), it needs to be updated to tough-cookie@4.0.0.
node-telegram-bot-api@0.61.0
├─┬ request-promise@4.2.6
│ └── tough-cookie@2.5.0
└─┬ request@2.88.2
└── tough-cookie@2.5.0
Introduction
It will solve this vulnerability issue: https://avd.aquasec.com/nvd/cve-2023-26136
Example
Update the library request and request-promise.
The text was updated successfully, but these errors were encountered: