Enerccio
commented
2 years ago why is this STILL not fixed? Wtf, that is such an easy fix ffs... just save the "data" into another temporary file and load it in the subprocess...
Open somanianands opened 3 years ago
Enerccio
commented
2 years ago why is this STILL not fixed? Wtf, that is such an easy fix ffs... just save the "data" into another temporary file and load it in the subprocess...
willmorgan
commented
2 years ago why is this STILL not fixed? Wtf, that is such an easy fix ffs... just save the "data" into another temporary file and load it in the subprocess...
@Enerccio If you are so angry and know the steps required to resolve the issue, maybe you should submit a patch, or fork the repo.
Enerccio
commented
2 years ago why is this STILL not fixed? Wtf, that is such an easy fix ffs... just save the "data" into another temporary file and load it in the subprocess...
@Enerccio If you are so angry and know the steps required to resolve the issue, maybe you should submit a patch, or fork the repo.
just because I empathize doesn't mean I am angry. I am just surprised on how basic the vulnerability was and how easy it is to fix it
https://snyk.io/vuln/SNYK-JS-XMLHTTPREQUESTSSL-1082936 Do you have any fix for this issue?