Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Black Duck identifies high vulnerability issue with 1.13.0 version #2922

Closed
syed12304 opened this issue Apr 12, 2021 · 1 comment
Closed

Black Duck identifies high vulnerability issue with 1.13.0 version #2922

syed12304 opened this issue Apr 12, 2021 · 1 comment
Labels
duplicate invalid

Comments

@syed12304
Copy link

syed12304 commented Apr 12, 2021
edited
Loading

Description
The package latest underscore version support
@jgonggrijp
Copy link
Collaborator

@syed12304 This is a false alarm. We fixed CVE-2021-23358 in version 1.12.1 (see #2917 and the change log). 1.13.0 is the successor of both 1.12.1 and 1.13.0-3. Please contact the maintainers of Black Duck for a solution.

Next time you want to report a security issue, please don't submit an issue ticket but email us. See the security policy. No harm done in this case, though.

@lumburr lumburr mentioned this issue Mar 16, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate invalid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jgonggrijp @syed12304