Issue on a dependency - CVE-2023-37466 & CVE-2023-37903
Closed this issue · 2 comments
Reni88 commented
Hi,
Good day.
Just wanted to inform that we encountered a security issue on one of proxy-agent dependency for its version 5.0.0:
Dependency: vm2
Version: 3.9.19
It is raised under this CVE ID: CVE-2023-37466 & CVE-2023-37903
If this was already discussed and resolution was already delivered. Let us know.
Thank you.
TooTallNate commented
This issue was already fixed in #224.
Reni88 commented
Hi @TooTallNate , thank you for the response. Yes, we concluded that we are not using the version with that commit. We will update the package to include this. Thank you again!