WS-2018-0215 (Medium) detected in cached-path-relative-1.0.1.tgz - autoclosed #182
Labels
Mend: dependency security vulnerability
Security vulnerability detected by WhiteSource
Comments
mend-bolt-for-github
bot
added
the
Mend: dependency security vulnerability
mend-bolt-for-github
bot
changed the title
|
✔️ This issue was automatically closed by WhiteSource because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the WhiteSource inventory. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
WS-2018-0215 - Medium Severity Vulnerability
Memoize the results of the path.relative function
Library home page: https://registry.npmjs.org/cached-path-relative/-/cached-path-relative-1.0.1.tgz
Path to dependency file: /E-voting-using-blockchain/evoting app/src/package.json
Path to vulnerable library: E-voting-using-blockchain/evoting app/src/node_modules/cached-path-relative/package.json
Dependency Hierarchy:
Version of cached-path-relative before 1.0.2 are vulnerable to prototype pollution.
Publish Date: 2018-11-07
URL: WS-2018-0215
Base Score Metrics not available
Type: Upgrade version
Origin: ashaffer/cached-path-relative@a43cffe
Release Date: 2018-12-06
Fix Resolution: 1.0.2
Step up your Open Source Security Game with WhiteSource here
The text was updated successfully, but these errors were encountered: