New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Security Issues on Dependency xmldom 0.7.5 #111
Comments
Reverted the change for now as it broke their API. Will need to investigate later https://github.com/ionic-team/trapeze/actions/runs/3250541946/jobs/5334353927 |
@mlynch |
Not sure what's going on but they seem to be retracting their CVE |
Closing as invalid per discussion here xmldom/xmldom#436 |
@mlynch The dispute was reported, however the vulnerability was later reconfirmed as discussed in the same thread you shared: xmldom/xmldom#436 This is still an issue. |
Hi,
I'm using this version on my ionic project:
"@trapezedev/configure": "3.0.6",
This has installed a dependency for xmldom 0.7.5, this version requires an updated to fix a security issue listed below
https://www.tenable.com/cve/CVE-2022-37616
Is required to upgrade to version 0.8.3
When could you schedule this upgrade on your package's dependency?
The text was updated successfully, but these errors were encountered: