Chai: Update pathval to 1.1.1 to fix vulnerability CVE-2020-7751

Created on 2 Mar 2021  路  5Comments  路  Source: chaijs/chai

There is (a somewhat arguable) case for a security incident - CVE-2020-7751, which has been fixed to pathval via pathval PR#60. This fix should be pulled in.

picture JanneKiiskila

Most helpful comment

Working on it now

picture keithamus on 2 Mar 2021
🚀1 👍1

All 5 comments

PR opened - https://github.com/chaijs/chai/pull/1377

JanneKiiskila picture JanneKiiskila on 2 Mar 2021

This can be closed. @keithamus - any idea when this could hit a tagged release?

JanneKiiskila picture JanneKiiskila on 2 Mar 2021

Working on it now

keithamus picture keithamus on 2 Mar 2021
🚀1 👍1

Thanks, that was amazingly quick! Superb!

JanneKiiskila picture JanneKiiskila on 2 Mar 2021
👍1

This has been released as 4.3.1

keithamus picture keithamus on 2 Mar 2021
👍1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

zzzgit picture zzzgit  路  3Comments
ghost picture ghost  路  4Comments
leifhanack picture leifhanack  路  4Comments
basherr picture basherr  路  4Comments
kharandziuk picture kharandziuk  路  4Comments