Skip to content
This repository has been archived by the owner on Nov 8, 2022. It is now read-only.

Upgrade mkdirp deps to 1.0.3 to fix Critical CVE #16

Closed
mleneveut opened this issue Mar 17, 2020 · 0 comments
Closed

Upgrade mkdirp deps to 1.0.3 to fix Critical CVE #16

mleneveut opened this issue Mar 17, 2020 · 0 comments

Comments

@mleneveut
Copy link

What / Why

The package mkdir 0.5.1 contains a dependency to minimist 0.0.8, which has the CVE-2020-7598, scored 9.8

When

  • n/a

Where

  • package.json

How

Current Behavior

  • n/a

Expected Behavior

  • n/a

Who

  • n/a

References

https://nvd.nist.gov/vuln/detail/CVE-2020-7598

npm/cli#1027
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@lukekarrys @mleneveut