-
Notifications
You must be signed in to change notification settings - Fork 26
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Snyk vulnerability through formidable dependency #124
Comments
Likewise, same problem with our application too. |
Just linking to the open issue on superagent to update their dependency on formidable: ladjs/superagent#1725 |
I'll take a look and issue a |
@bpolanczyk any updates on this? it would be great to be able to upgrade without forcing a local resolution. Thank you! |
This is still flagging |
Does anyone have a resolution for this? We're getting this as a critical severity as of this morning: I've also raised an issue with SuperAgent: |
Hi, Snyk is identifying an Arbitrary File Upload vulnerability in my project (deemed as Critical) introduced through:
sumo-logger@2.8.1 > superagent@7.1.3 > formidable@2.0.1
. It seems to have been fixed in formidable@3.2.4. Are there any plans to update this dependency to eliminate this vulnerability?The text was updated successfully, but these errors were encountered: