minimist versions used in this contains couple of known vulnerabilities

sematext / sematext-agent-express

Express.js Monitoring and Logging Agent by Sematext

https://sematext.com/docs/integration/express.js/

Apache License 2.0

16 stars 1 forks source link

minimist versions used in this contains couple of known vulnerabilities #4

Closed ipmanlk closed 3 years ago

ipmanlk commented 4 years ago

This package contains outdated versions of minimist that contain couple of vulnerabilities.

otisg commented 4 years ago

I thiiiiiink @adnanrahic just fixed that earlier today. Could you please check the latest version?

Ip Man? 👍

adnanrahic commented 4 years ago

Hey @ipmanlk ! Yes, we're aware of this. It's an issue with the gc-stats module and they're aware of it. You can see here that there's an open PR to be merged as soon as the maintainer sees it.

We will update our packages ASAP, once that PR gets merged.

adnanrahic commented 3 years ago

We forked the repo and maintain our own fork. The dependencies are updated now.