Skip to content
/ qp-n8n Public
forked from n8n-io/n8n

Commit

Permalink
fix(Code Node): Update vm2 to address CVE-2023-29017 (n8n-io#5947)
Browse files Browse the repository at this point in the history 
Update vm2 to fix CVE-2023-29017

GH advisory: GHSA-7jxr-cg7f-gpgv

Co-authored-by: Loganaden Velvindron <logan@cyberstorm.mu>
  • Loading branch information
@netroy @loganaden @sunilrr
2 people authored and sunilrr committed Apr 24, 2023
1 parent 08f65d3 commit 9c81a94
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 14 deletions.
2 changes: 1 addition & 1 deletion packages/nodes-base/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -463,7 +463,7 @@
"ssh2-sftp-client": "^7.0.0",
"tmp-promise": "^3.0.2",
"uuid": "^8.3.2",
"vm2": "~3.9.5",
"vm2": "~3.9.15",
"xlsx": "^0.17.0",
"xml2js": "^0.4.23"
}
Expand Down
19 changes: 6 additions & 13 deletions pnpm-lock.yaml
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

0 comments on commit 9c81a94

Please sign in to comment.