Closed praveendiwakar1 closed 2 years ago
We have identified a security vulnerability in the route that ends with @googleapis>google-auth-library>gtoken>google-p12-pem>node-forge and @google-cloud/pubsub>google-auth-library>gtoken>google-p12-pem>node-forge for node-forge version 1.0.0.
@googleapis>google-auth-library>gtoken>google-p12-pem>node-forge
@google-cloud/pubsub>google-auth-library>gtoken>google-p12-pem>node-forge
node-forge
1.0.0
googleapis and google-cloud/pubsub is currently using node-forge version 1.0.0 (https://github.com/googleapis/google-p12-pem/blob/main/package.json#L43)
googleapis
google-cloud/pubsub
Upgrading to node-forge version 1.3.1 will help us to resolve this vulnerability.
1.3.1
We have identified a security vulnerability in the route that ends with
@googleapis>google-auth-library>gtoken>google-p12-pem>node-forgeand@google-cloud/pubsub>google-auth-library>gtoken>google-p12-pem>node-forgefornode-forgeversion1.0.0.googleapisandgoogle-cloud/pubsubis currently usingnode-forgeversion1.0.0(https://github.com/googleapis/google-p12-pem/blob/main/package.json#L43)Upgrading to
node-forgeversion1.3.1will help us to resolve this vulnerability.