Open sseide opened 1 year ago
The currently used server package as a medium vulnerability report that can only be fixed by updating from current 5.x to latest 7.5 version.
Due to the "semver" update the minimum required NodeJS version is increased from the ancient 6 to the 10 which is end-of-live for a long time too.
Please accept this PR and release a new version with this patch to allow others to fix the vulnerability reports.
see CVE-2022-25883 / https://nvd.nist.gov/vuln/detail/CVE-2022-25883
The currently used server package as a medium vulnerability report that can only be fixed by updating from current 5.x to latest 7.5 version.
Due to the "semver" update the minimum required NodeJS version is increased from the ancient 6 to the 10 which is end-of-live for a long time too.
Please accept this PR and release a new version with this patch to allow others to fix the vulnerability reports.
see CVE-2022-25883 / https://nvd.nist.gov/vuln/detail/CVE-2022-25883