This repository has been archived by the owner on Apr 11, 2023. It is now read-only.
Upgrade Libraries to Fix Critical Vulnerabilities #457
Comments
biljanaLukovic
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
In: test/ui-automation/package-lock.json
Type: Insufficient validation when decoding a Socket.IO packet #113
Severity: Critical
This should be fixed by:
socketio/socket.io-parser@b5d0cb7, included in [email protected]
socketio/socket.io-parser@b559f05, included in [email protected]
Upgrade:
Vulnerability Type: ReDOS
Severity: High in /cmd/wallet-adapter-web
Library: minimatch
Vulnerable version: 3.0.4
Safe version: 3.1.2
Critical Severity Vulnerability
Type: 'mishandles witness size checking' in
test/mock/adapter/go.sum
Library:
github.com/btcsuite/btcd (Go) < 0.23.2
Upgrade to: 0.23.2
The text was updated successfully, but these errors were encountered: