Giters

OneSignal / OneSignal-Cordova-SDK

OneSignal is a free push notification service for mobile apps. This plugin makes it easy to integrate your Ionic, PhoneGap CLI, PhoneGap Build, Cordova, or Sencha Touch app with OneSignal. Supports Android, iOS, and Amazon's Fire OS platforms. https://onesignal.com

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

[question]: Dependant on an insecure version of Google Play services basement 17.6.0

AndyStewart opened this issue · comments

commented

How can we help?

Hi

We've been happily using your services for many years now in the last couple of weeks our security scanners have detected that this plugin is dependent on an insecure version of play-services-basement(17.6.0).

https://nvd.nist.gov/vuln/detail/CVE-2022-2390

This issue is resolved as of play-services-basement 18.0.2 with the latest version being 18.3.0, are there any plans to update this library to be dependent on a more recent version?

Many thanks

Andy

Code of Conduct

  • I agree to follow this project's Code of Conduct