Closed joshualiu closed 2 years ago
Describe in detail the issue you're having.
PSIRT vulnerability issue CVE-2021-35065 for glob-parent@5.1.2, found in @carbon/ibm-cloud-cognitive @0.x
What did you expect to happen? What happened instead? What would you like to see changed?
Updating the dependency @carbon/telemetry to @^0.1.0
What version of the @carbon/ibm-products (or @carbon/ibm-cloud-cognitive) package are you using?
0.65.0, we tried updating to 0.99.1
https://exchange.xforce.ibmcloud.com/vulnerabilities/208298
Hey @joshualiu, this appears to be already fixed in newer versions (specifically @carbon/telemetry was upgraded to 0.1.0 in @carbon/ibm-products@1.12.0).
@carbon/telemetry
0.1.0
@carbon/ibm-products@1.12.0
Let us know if there is more we can do to help!
What package(s) are you using?
Detailed description
PSIRT vulnerability issue CVE-2021-35065 for glob-parent@5.1.2, found in @carbon/ibm-cloud-cognitive @0.x
Updating the dependency @carbon/telemetry to @^0.1.0
0.65.0, we tried updating to 0.99.1
Additional information
https://exchange.xforce.ibmcloud.com/vulnerabilities/208298