Upgrade cookiejar dependency to 2.1.4 (or above) to mitigate CVE-2022-25901

TriplyDB / Yasgui

Yet Another Sparql GUI

https://yasgui.triply.cc

MIT License

178 stars 54 forks source link

Open akgsl opened 1 year ago

akgsl commented 1 year ago

Upgrade the cookiejar package to version 2.1.4 (or above) to mitigate CVE-2022-25901.

akgsl commented 1 year ago

├─┬ @triply/yasgui@4.2.25
│ └─┬ superagent@5.3.1
│   └── cookiejar@2.1.3

:point_up: This is how the nesting of dependencies is now.

Please upgrade to superagent v8.0.9. It has cookiejar v2.1.4.