search

jcreigno / nodejs-mail-notifier

nodejs library to listen incoming mail
MIT License
168 stars 77 forks source link

Issue on a dependency - CVE-2022-25883 #69

Open Reni88 opened 11 months ago

Reni88 commented 11 months ago

Hi,

Good day. Just wanted to inform that we encountered a security issue on one of mail-notifier dependency for its version 0.5.0:

Dependency: semver Version: 5.3.0

It is raised under this CVE ID: CVE-2022-25883

If this was already discussed and resolution was already delivered. Let us know. Thank you.

Reni88 commented 7 months ago

Hi @jcreigno,

Good day! I would like to follow up this issue. Is there’s any plan on fixing this?

Thank you.