Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Revert "Nack CVE-2023-42282 in npm and related packages." #1519

Merged
merged 1 commit into from
Feb 18, 2024

Conversation

pdeslaur
Copy link
Collaborator

Reverts #1518

The GitHub Security Advisories indicate a PoC of this vulnerability is possible with version <= 2.0.0: github/advisory-database#3504 (comment)

@dlorenc dlorenc enabled auto-merge February 18, 2024 20:53
@pdeslaur pdeslaur disabled auto-merge February 18, 2024 21:04
@pdeslaur pdeslaur merged commit 1adaae3 into main Feb 18, 2024
2 of 3 checks passed
@pdeslaur pdeslaur deleted the revert-1518-npm branch February 18, 2024 21:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants