Js-ipfs: Github vulnerability warning: cryptiles

Created on 3 Feb 2019  路  3Comments  路  Source: ipfs/js-ipfs

I'm getting the following warning from Github on a nested dependency vulnerability

screenshot 2019-02-02 19 47 02

https://nvd.nist.gov/vuln/detail/CVE-2018-1000620

P1 kinbug
Source
picture pedrouid

All 3 comments

package.json

{
  // ...
  "dependencies": {
    "ipfs": "^0.34.4"
  }
}
pedrouid picture pedrouid on 3 Feb 2019

Thanks for reporting - it'll be resolved by https://github.com/ipfs/js-ipfs/pull/1844

alanshaw picture alanshaw on 3 Feb 2019
👍1

1844 got merged!

alanshaw picture alanshaw on 7 Feb 2019
🎉1
Was this page helpful?
0 / 5 - 0 ratings

Related issues

mnts picture mnts  路  3Comments
daviddias picture daviddias  路  3Comments
dryajov picture dryajov  路  3Comments
daviddias picture daviddias  路  4Comments
lidel picture lidel  路  3Comments