ng2-file-upload icon indicating copy to clipboard operation
ng2-file-upload copied to clipboard
verified publisher icon valor-software

GitHub advisory for all versions >= 0

Open grichards23 opened this issue 3 months ago • 2 comments

Have the compromised versions of this package been removed from the npm registry? The advisory, more than 24 hours later, is still saying all versions

ng2-file-upload GitHub Advisory

Our CI/CD pipeline has a dependency on npm audit results and continues to fail until this gets updated to specific affected versions.

grichards23 avatar Sep 16 '25 13:09 grichards23

I also have this warning in Intellij pointing to : https://osv.dev/vulnerability/MAL-2025-47196

tahitiangabriel avatar Sep 17 '25 02:09 tahitiangabriel

Hi, all compromised versions were deleted, v9.0.0 is as safe as it was.

lexasq avatar Sep 17 '25 08:09 lexasq