Security Vulnerabilities
maureenferreira opened this issue · 2 comments
maureenferreira commented
After pulling the Docker container from Docker Hub, Docker Scout found 4 different security vulnerabilities of varying severity, two being a High severity rating.
claabs commented
I just merged #364 to resolve the 3rd vulnerability in the list.
The kind-of vulnerability appears to be a false positive, as the CVE only mentions versions >=6.0.0 <6.0.3. See Snyk on it.
The 4th vulnerability is within the localtunnel dependency. I don't believe this vulnerability is a concern in localtunnel's case, and that's mentioned here.
maureenferreira commented
Ah, alright! Thanks for clearing that up. Perhaps some type of disclaimer regarding this should be added to the repo's README.md?