Skip to content
This repository has been archived by the owner on Jan 19, 2023. It is now read-only.

Incorrect vulnerability details for CVE-2022-2596 #318

Closed
nicodemoraffaele opened this issue Aug 3, 2022 · 1 comment
Closed

Incorrect vulnerability details for CVE-2022-2596 #318

nicodemoraffaele opened this issue Aug 3, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@nicodemoraffaele
Copy link

Vulnerability URL

https://ossindex.sonatype.org/vulnerability/CVE-2022-2596

Component URL

https://ossindex.sonatype.org/component/pkg:npm/node-fetch

Description
Versions 2.x of node-fetch are not affected by the vulnerability. CVE list has been updated: https://github.com/CVEProject/cvelist/pull/6757/files
Please refer also to: node-fetch/node-fetch#1611
@nicodemoraffaele nicodemoraffaele added the bug Something isn't working label Aug 3, 2022
@ken-duck
Copy link
Contributor

This appears to have been fixed: https://ossindex.sonatype.org/component/pkg:npm/node-fetch@2.6.7

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nicodemoraffaele @ken-duck