search

ui5-community / wdi5

official UI5 end-to-end test framework for UI5 web-apps. wdi5 = Webdriver.IO + UI5 Test API
https://ui5-community.github.io/wdi5/
Apache License 2.0
102 stars 43 forks source link

WS package vulnerabilty in wdio/cli@8.39.1 #630

Closed mccmrunal closed 2 months ago

mccmrunal commented 2 months ago

WS package vulnerabilty in wdio/cli@8.39.1

we are using the latest version of wdio/cli , but in there WS (websocket package is used) version 8.13.0 which is marked as a high priority issue in our mendbolt scan if possible please upgrade the version of the websocket , as its marked as a severe threat in our mend bolt scan

Below are screenshot for the results image image

vobu commented 2 months ago

if needed, please report this directly to the webdriverio repository. the cli is reused from wdio and not part of wdi5. thanks!