search

letsdoitworld / World-Cleanup-Day

☀️ World Cleanup Day: App (React Native) & Platform (Node). Join us in building software for a cleaner planet! PRs welcome!
https://www.letsdoitworld.org/
GNU General Public License v3.0
109 stars 45 forks source link

GitHub reported a potential security vulnerability in auth0.js #184

Open krishaamer opened 6 years ago

krishaamer commented 6 years ago

2 known vulnerabilities found:

CVE-2017-17068 High severity

CVE-2018-7307 Moderate severity

Fix requires updating from auth0 version 7 to version 9 which introduces breaking API changes. Thus needing changes to our code and testing.

KristiinaKerge commented 6 years ago

is it ok now @darjalsk