Closed skadz closed 1 year ago
There is a CVE for the RSA module that is required by this package. Could it be updated to use a version that is not vulnerable (4.7 or higher). Thanks!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658
Thanks for raising this. I have specified version 4.7 or higher in this PR #210 so it will be in the next release. Will close this when merged.
Added into #210
There is a CVE for the RSA module that is required by this package. Could it be updated to use a version that is not vulnerable (4.7 or higher). Thanks!
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25658