CVE-2023-36665 vunerablity in protobufjs >= 6.10.0, < 7.2.4
letsgolesco opened this issue · 1 comments
letsgolesco commented
pprof depends on a vulnerable library protobufjs ~7.0.0
A fix is available in protobufjs 7.2.4
Vulnerability link: GHSA-h755-8qp9-cq85
Can we upgrade this dependency to 7.2.4?
aabmass commented
Thanks for flagging, I'll take this