-
Notifications
You must be signed in to change notification settings - Fork 875
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Prototype Pollution in protobufjs #6438
Comments
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight. |
Thanks for bringing this up. All work on this repo specifically should be publicly viewable in issues and PRs, as well as in any dependencies that are open source. I think we can fix the issue by updating the I'll make a PR. |
[REQUIRED] Describe your environment
9.9.0
auth
We have a report on security vulnerability thanks to Github in our private repository.
I want to get rid of it.
More info: GHSA-g954-5hwp-pp24
I found that's because of dependency used in
firebase
package.Can you please help me to resolve it? 🙏
I already have an up-to-date version of the firebase.
Is the fix already in progress?
I can't know because the security vulnerability reports are private, in custom Google form, not here on Github where I would expect them when they are confirmed 😢
The text was updated successfully, but these errors were encountered: