Security Report: growl@1.9.2 #2973
Comments
atian25
added a commit
to atian25/mocha
that referenced
this issue
Aug 29, 2017
|
FYI, there's a related PR at #2931 |
|
Going to close this as a duplicate of #2791, but feel free to take any additional discussion there -- in particular, if you can help us find any of the info mentioned in #2930 (comment), that would help us resolve this. |
mdholloway
pushed a commit
to mdholloway/wikimedia-page-library
that referenced
this issue
Jun 8, 2018
Needed to update growl (a dependency of mocha), which has a security vulnerability at 1.9.2. mochajs/mocha#2973 https://nodesecurity.io/advisories/146
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
146 - Command Injection
Vulnerable: <1.10.2 - Patched: >=1.10.2 - Path: mocha@3.5.0 > growl@1.9.2
How to fix
Update to version 1.10.2 or greater
https://nodesecurity.io/orgs/eggjs/projects/16be4d34-c7a2-4e01-9696-62a90742d571/71
The text was updated successfully, but these errors were encountered: