Firebase/php-jwt & laravel-zoom compatibility

MacsiDigital / laravel-zoom

Laravel Zoom Package

MIT License

260 stars 135 forks source link

Firebase/php-jwt & laravel-zoom compatibility #136

Open mohamad-elbohsaly opened 1 year ago

mohamad-elbohsaly commented 1 year ago

We are using "macsidigital/laravel-zoom": "^5.0" according to composer.json. Automatically, upon executing composer update, the composer.lock file is requiring firebase/php-jwt:5.5.1. This dependency is vulnerable as you can see here:

Package | firebase/php-jwt | CVE | CVE-2021-46743 | Title | Key/algorithm type confusion | URL | https://github.com/advisories/GHSA-8xf4-w7qw-pjjw | Affected versions | <6.0.0 | Reported at | 2022-03-30T00:00:00+00:00

Assistance is appreciated

DevMahmoudMustafa commented 1 year ago

I resolved the issue a while ago but my withdrawal request has not yet been approved https://github.com/MacsiDigital/laravel-zoom/pull/140 https://github.com/MacsiDigital/laravel-zoom/pull/141