knolleary
commented
5 months ago Have published 0.3.4 with the updated dependencies.
Closed kasasusmitha12 closed 5 months ago
knolleary
commented
5 months ago Have published 0.3.4 with the updated dependencies.
We need to upgrade this version "4.19.2 or later." . We have found a vulnerability in the "express" package. Please consider upgrading and releasing new release notes for the package. Here I am providing CVE and Vendor Advisories CVE: https://nvd.nist.gov/vuln/detail/CVE-2024-29041
Venodr Advisories: https://github.com/expressjs/express/security/advisories/GHSA-rv95-896h-c2vc https://github.com/expressjs/express/releases/tag/4.19.2