We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
protobuf.js version: 7.0.0 - 7.2.4
functions %> npm audit fix up to date, audited 1215 packages in 1s 174 packages are looking for funding run `npm fund` for details # npm audit report protobufjs 7.0.0 - 7.2.4 Severity: critical protobufjs Prototype Pollution vulnerability - https://github.com/advisories/GHSA-h755-8qp9-cq85 fix available via `npm audit fix` node_modules/@google-cloud/pubsub/node_modules/protobufjs google-gax 2.2.1-pre - 2.2.1-pre.2 || 2.28.2-alpha.1 - 2.28.4-alpha.1 || 3.1.4 - 4.0.3 Depends on vulnerable versions of protobufjs node_modules/@google-cloud/pubsub/node_modules/google-gax @google-cloud/pubsub 2.11.1-pre || 3.1.1 - 3.7.5 Depends on vulnerable versions of google-gax node_modules/@google-cloud/pubsub 3 critical severity vulnerabilities To address all issues, run: npm audit fix 1 functions %>
The text was updated successfully, but these errors were encountered:
Any news here?
Sorry, something went wrong.
Bumping here
No branches or pull requests
protobuf.js version: 7.0.0 - 7.2.4
Just including the package to trigger the vulnerability warning. This is related to https://github.com/advisories/GHSA-h755-8qp9-cq85The text was updated successfully, but these errors were encountered: