didi / chameleon

🦎 One codebase that runs on multiple platforms: what you see on one platform is what you see on all of them
http://cml.didi.cn/
Apache License 2.0

There is a vulnerability in codecov 3.6.4, upgrade recommended #548

Open QiAnXinCodeSafe opened 3 years ago

QiAnXinCodeSafe commented 3 years ago

https://github.com/didi/chameleon/blob/ffa8976c72f57e2a3878bff1e1bfc65d771f997e/package-lock.json#L3473-L3475

CVE-2020-15123 CVE-2020-7597

Recommended upgrade version: 3.7.1

zhaoyinpan2 commented 3 years ago

https://github.com/didi/chameleon/blob/ffa8976c72f57e2a3878bff1e1bfc65d771f997e/package-lock.json#L3473-L3475

CVE-2020-15123 CVE-2020-7597

Recommended upgrade version: 3.7.1

We'll take a look.