scanoss / purl2cpe

PURL to CPE Relationship mapping project.
MIT License

CVE-2023-38894 in Tree-kit #9

Closed ghost closed 1 year ago

ghost commented 1 year ago

Hi there,

Just a heads up, there's a new prototype pollution CVE for cronvel/tree-kit that is listed in this file. More info about the CVE: https://www.code-intelligence.com/blog/treekit-prototype-pollution-cve-2023-38894

Make sure whatever's pulling this repo is updating to the latest version of tree-kit.

Cheers

scanossmining commented 1 year ago

@David-Merian-CI Thank you for the heads up! I will close this issue, since we do have in our list all Tree-kit CPEs that are affected by this new vulnerability.