union-value icon indicating copy to clipboard operation
union-value copied to clipboard

Published 20 hours ago verified publisher icon jonschlinkert

Fix: Upgrading Vulnerable set-value Package

Open loChris opened this issue 3 years ago • 8 comments

Updating set-value version from 3.0.0 to 4.1.0 since the v3 has a security vulnerability.

CVE-2021-23440

loChris avatar Sep 17 '21 15:09 loChris

@jonschlinkert, @doowb can you please review and merge this PR. it helps in resolving vulnerability

abdulgit2021 avatar Sep 29 '21 10:09 abdulgit2021

Apologies, I'm trying to spend more time on open source lately, I'll do this ASAP.

jonschlinkert avatar Sep 29 '21 12:09 jonschlinkert

@jonschlinkert any ETA?

nmccready avatar Oct 07 '21 16:10 nmccready

I just answered that

Sent from my iPhone

On Oct 7, 2021, at 12:07 PM, nmccready @.***> wrote:

 @jonschlinkert any ETA?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or unsubscribe. Triage notifications on the go with GitHub Mobile for iOS or Android.

jonschlinkert avatar Oct 08 '21 00:10 jonschlinkert

still need this @jonschlinkert. There's quite a bit of packages that use this and subsequently also have security vulnerabilities

martinmckenna avatar Oct 27 '21 22:10 martinmckenna

@jonschlinkert any update on this? We are also waiting on this upstream change.

shanbady avatar Nov 09 '21 14:11 shanbady

Just a humble reminder on this issue

matrunchyk avatar May 24 '22 12:05 matrunchyk

One more reminder, please @jonschlinkert :)

matrunchyk avatar Aug 16 '22 15:08 matrunchyk