Update the uglify-js dependency to 2.4.24

team-telnyx / telnyx-node

Node SDK for the Telnyx API

https://developers.telnyx.com/docs/api/v2/overview

MIT License

54 stars 20 forks source link

Update the uglify-js dependency to 2.4.24 #152

Closed prince76007 closed 1 year ago

prince76007 commented 1 year ago

The uglify-js package before 2.4.24 for Node.js does not properly account for non-boolean values when rewriting boolean expressions, which might allow attackers to bypass security mechanisms or possibly have unspecified other impacts by leveraging improperly rewritten Javascript.

package name: uglify-js

fixed version: 2.4.24

ADandyGuyInSpace commented 1 year ago

Resolved in the last update