elliptic 6.5.2 is causing audit issues

greymass / ual-anchor

Identity and session through ESR using EOSIO/universal-authenticator-library

MIT License

23 stars 16 forks source link

elliptic 6.5.2 is causing audit issues #14

Open makc opened 3 years ago

makc commented 3 years ago

Screen Shot 2021-03-23 at 2 51 59

aaroncox commented 3 years ago

One of the other libraries we include (anchor-link) turned out to be the source of the first one, just being out of date, which is now resolved in 1.0.3. The second moderate risk comes from eosjs, which we don't have control over.

makc commented 3 years ago

eosjs people replied that this will be fixed in v22