Found CVE-2022-29622 in one of your dependent library- superagent

Question

Found CVE-2022-29622 in one of your dependent library- superagent

Dipenduroy opened this issue 2 years ago · comments

titanism · Answer 1 · Wed Jun 01 2022 13:14:35 GMT+0800 (China Standard Time)

Please file a request or submit a PR in formidable for the vulnerability fix to be backported to v2.x tag of formidable, the non-ESM version, as it should be backported for community CJS support.

Ref:

YolandaZhang369369 · Answer 2 · Fri Aug 26 2022 20:49:07 GMT+0800 (China Standard Time)

Hello, we found an security issue CVE-2022-29622 which is blocking our product release, could you please provide an updated version superagent which will support formidable - 3.2.4 ?
Thanks a lot!

YolandaZhang369369 · Answer 3 · Thu Sep 29 2022 11:11:30 GMT+0800 (China Standard Time)

Hello, we found an security issue CVE-2022-29622 which is blocking our product release, could you please provide an updated version superagent which will support formidable - 3.2.4 ?
Thanks a lot!

YolandaZhang369369 · Answer 4 · Thu Sep 29 2022 11:12:34 GMT+0800 (China Standard Time)

@titanism , could you please take a review of our urgent request above and share your fixing plan? Thanks!

titanism · Answer 5 · Thu Sep 29 2022 11:24:48 GMT+0800 (China Standard Time)

This is not an issue. If you read the CVE you will see that they lowered the severity and it's a non-issue. Please stop opening issues and spamming.