Closed mvpotdar closed 7 months ago
which contains a vulnerability (https://github.com/advisories/GHSA-wfcx-xxhx-657g).
It doesn't seem concerned with nokogiri.
td-agent v4 is already EOL: https://www.fluentd.org/blog/schedule-for-td-agent-4-eol If you need to keep using v4 and to update gems, please upgrade them by yourself.
e.g.)
> td-agent-gem install nokogiri -v 1.15.5
Hi,
I noticed that the Gemfile from td-agent latest version v4.5.3 specifies nokogiri-1.15.3, which contains a vulnerability (CVE-2019-18425).
I'm wondering if there are any plans to address this issue in an upcoming release.