damianszczepanik / cucumber-reporting

HTML reports for Cucumber
GNU Lesser General Public License v2.1

CVE-2020-7746 with Chart.js #1090

Closed matthew0x40 closed 1 year ago

matthew0x40 commented 1 year ago

Hi, the OWASP Dependency-Check tool has a critical vulnerability showing up for cucumber-reporting due to Chart.js:

https://nvd.nist.gov/vuln/detail/CVE-2020-7746

NVD says that the CVE is fixed in Chart.js 2.9.4 and it looks like cucumber-reporting is using version 2.7.3. Would you be able to update this dependency?

Thanks!

damianszczepanik commented 1 year ago

Will deliver soon