Security Vulnerability in dependency
broughtonkkornl opened this issue · comments
broughtonkkornl commented
Andrey Sitnik commented
It is false alarm. This security issue doesn’t affect Nano ID 2.x.
I am trying to contact Snyk, but they are silent for some reason.
Andrey Sitnik commented
Snyk told that CVE was changed and will be updated in a few days.
broughtonkkornl commented
Andrey:
I appreciate the quick response, I am happy to hear it is being addressed.
Thanks,
Kim Broughton
…________________________________
From: Andrey Sitnik ***@***.***>
Sent: Monday, January 31, 2022 1:53 PM
To: dylang/shortid ***@***.***>
Cc: Broughton, Kim ***@***.***>; Author ***@***.***>
Subject: [EXTERNAL] Re: [dylang/shortid] Security Vulnerability in dependency (Issue #164)
Snyk told that CVE was changed and will be updated in a few days.
—
Reply to this email directly, view it on GitHub<#164 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/APONKIZGYQAQT3FJQ5FFF6DUY3LEHANCNFSM5NGYYELQ>.
Triage notifications on the go with GitHub Mobile for iOS<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675> or Android<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you authored the thread.Message ID: ***@***.***>