Closed yogeshhrathod closed 1 year ago
At least v2.1357.0 bumps the xml2js version and fixes that vulnerability: https://github.com/aws/aws-sdk-js/commit/62847a45ae58deace88e58f75dfc09e0ae1c0b75
Here's the vulnerability: https://github.com/advisories/GHSA-776f-qx25-q3cc
Hi @d2vid ,
As of version 2.1357.0 the xml2js vulnerability has been taken care of. Thanks for pointing that out.
@yogeshhrathod, Can you please be more specific about which libraries in particular need updating?
Thanks so much, Ran~
This issue has not received a response in 1 week. If you still think there is a problem, please leave a comment to avoid the issue from automatically closing.
Describe the bug
There are many dependencies in the library have deprecated or vulnerabilities which has been fixed but not updated, can we update the those libraries for security reasons.
Expected Behavior
NA
Current Behavior
NA
Reproduction Steps
NA
Possible Solution
No response
Additional Information/Context
No response
SDK version used
2.1354.0
Environment details (OS name and version, etc.)
windows