New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Opener Vulnerability #38

Open

joelrichardvitrana opened this issue May 2, 2023 · 1 comment

joelrichardvitrana commented May 2, 2023

Hi,
We have updated the Opener package to the latest version(1.5.2)

The latest version of opener has 2 Critical Vulnerabilities(CVE-2022-43604 ,CVE-2022-43605) with scores of 9.8 and 5 High Vulnerabilities (GHSA-3c24-g4gm-98v9, GHSA-459h-94q9-vwr6, GHSA-fhpr-42xj-phj9, GHSA-v2cq-8xv3-3vq4, CVE-2022-43606) with scores 7.5.
Is there a way to fix those vulnerabilities. If so, can you please let us know how to do?

ddamw commented May 8, 2023

Just as #37, these CVEs are related to EIP Stack Group OpENer and not the opener package; you can see this from the CVE descriptions.

The dependency check processes are at fault here, for not being able to tell these two packages apart.

adamgruber mentioned this issue

Is mochawesome still alive or maintained ? adamgruber/mochawesome#398

Open

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment