search

adzerk / adzerk-management-sdk-js

JavaScript SDK for the Kevel Management API
Apache License 2.0
1 stars 2 forks source link

Dependency `file-type` requires security update #20

Closed sambauers closed 1 year ago

sambauers commented 2 years ago

This package requires file-type@^14.6.2 which contains a known security issue https://nvd.nist.gov/vuln/detail/CVE-2022-36313

Updating to at least v16.5.4 will patch the vulnerability.

Edit: @rlustemberg created a PR at #22

rlustemberg commented 1 year ago

Indeed the dependency needs to be updated

rlustemberg commented 1 year ago

Just made a PR for this

vkurup commented 1 year ago

Thank you for the reports. This fix has been included in the 1.0.0-beta.11 release