tatsuyafw / gulp-nightwatch

gulp plugin for Nightwatch.js
MIT License
30 stars 18 forks

Security issue: Upgrade nightwatch to 0.9.19 #45

Closed openjck closed 6 years ago

openjck commented 6 years ago

Nightwatch 0.9.16 uses ejs 0.8.3, which has two known security vulnerabilities:

- https://nvd.nist.gov/vuln/detail/CVE-2017-1000188 (moderate severity)
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000228 (high severity)

Nightwatch 0.9.19 uses a version of ejs without these problems.

openjck commented 6 years ago

Apologies. Your version range already covers 0.9.19. I got confused about how the ^ selector behaves with 0.x.x versions.
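The caret behaviour with 0.x.x versions mentioned in the last comment, as an added example that is not part of the original thread or the plugin's code. It implements the caret rule documented by node-semver for full MAJOR.MINOR.PATCH versions only (no prerelease tags or partial versions); the range `^0.9.0` is a constructed sample, since the plugin's actual range is not shown on this page.

```javascript
// Added example: caret (^) range semantics as documented by node-semver,
// restricted to full MAJOR.MINOR.PATCH versions (no prerelease, no x-ranges).

function parseVersion(v) {
  const m = /^(\d+)\.(\d+)\.(\d+)$/.exec(v);
  if (!m) throw new Error(`unsupported version: ${v}`);
  return m.slice(1).map(Number);
}

// Returns -1, 0 or 1, comparing major, then minor, then patch.
function compare(a, b) {
  for (let i = 0; i < 3; i++) {
    if (a[i] !== b[i]) return a[i] < b[i] ? -1 : 1;
  }
  return 0;
}

// Returns [lowerInclusive, upperExclusive] for a caret range.
// The caret allows changes that do not modify the left-most non-zero part:
//   ^1.2.3 -> >=1.2.3 <2.0.0
//   ^0.9.0 -> >=0.9.0 <0.10.0   (minor is the left-most non-zero part)
//   ^0.0.3 -> >=0.0.3 <0.0.4    (only that exact patch)
function caretBounds(range) {
  if (!range.startsWith('^')) throw new Error(`not a caret range: ${range}`);
  const [major, minor, patch] = parseVersion(range.slice(1));
  let upper;
  if (major > 0) upper = [major + 1, 0, 0];
  else if (minor > 0) upper = [0, minor + 1, 0];
  else upper = [0, 0, patch + 1];
  return [[major, minor, patch], upper];
}

function caretSatisfies(version, range) {
  const v = parseVersion(version);
  const [lower, upper] = caretBounds(range);
  return compare(v, lower) >= 0 && compare(v, upper) < 0;
}

// Constructed sample range; the versions are the ones named in the issue.
const declared = '^0.9.0';
for (const candidate of ['0.9.16', '0.9.19', '0.10.0']) {
  console.log(`${candidate} in ${declared}: ${caretSatisfies(candidate, declared)}`);
}
```

A range that admits the fixed version only permits it; the version actually installed is whatever the lockfile or the last install resolved, so that is the value to check when triaging an advisory.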