Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Old version of debug dependency introduces CVE-2017-16137 vulnerability #2146

Labels

Comments

@amin-kchaou
Copy link

Issue

nodemon uses debug@^3.2.7 which contains the CVE-2017-16137 vulnerability.
The earliest fix for this vulnerability is in [email protected]. It would be appreciated it you could update nodemon's debug to that or higher.

@remy remy closed this as completed in 533ad9c Dec 1, 2023
Copy link

github-actions bot commented Dec 1, 2023

🎉 This issue has been resolved in version 3.0.2 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment