-
-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. Weβll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE because of dependency on [email protected] #2280
Comments
aukevanleeuwen
added a commit
to aukevanleeuwen/cucumber-js
that referenced
this issue
Apr 26, 2023
More information: * GHSA-f9xv-q969-pqx4 * https://nvd.nist.gov/vuln/detail/CVE-2023-2251 Fixes cucumber#2280
7 tasks
davidjgoss
pushed a commit
that referenced
this issue
Apr 27, 2023
More information: * GHSA-f9xv-q969-pqx4 * https://nvd.nist.gov/vuln/detail/CVE-2023-2251 Fixes #2280
@davidjgoss is there a plan for a release to npm with this fix soon? Thanks |
Released in https://github.com/cucumber/cucumber-js/releases/tag/v9.1.1 - sorry for the delay. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
π€ What's the problem you've observed?
I was alerted by dependabot of a vulnerability because of a transitive dependency on
[email protected]
(via@cucumber/cucumber-js
).β¨ Do you have a proposal for making it better?
Update to
[email protected]
.π Any additional context?
The text was updated successfully, but these errors were encountered: