Skip to content
This repository has been archived by the owner on Apr 11, 2023. It is now read-only.

Upgrade 'engine.io' library that is vulnerable to uncaught exception #460

Open
biljanaLukovic opened this issue Nov 24, 2022 · 0 comments
Open

Upgrade 'engine.io' library that is vulnerable to uncaught exception #460

biljanaLukovic opened this issue Nov 24, 2022 · 0 comments

Comments

@biljanaLukovic
Copy link

biljanaLukovic commented Nov 24, 2022
edited
Loading

Upgrade vulnerable library to avoid vulnerability caused by uncaught exception that kills node.js process
engine.io (npm )

Affected versions < 3.6.1 / Patched versions is 3.6.1
Affected Version >= 4.0.0, < 6.2.1 / Patch version 6.2.1

Paths
trustbloc/wallet
• cmd/wallet-web/package-lock.json
trustbloc/sandbox
• test/ui-automation/package-lock.json
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@biljanaLukovic