-
-
Notifications
You must be signed in to change notification settings - Fork 3.9k
New issue
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
Patch request for vulnerability CVE-2022-2564 (prototype pollution) in version 5.x #12281
Comments
@shubanker Github advisory GHSA-f825-f98c-gj3g is still showing fix version 6.4.6 . Does it take time generally to get updated there ? |
@neeraj-vts not sure, maybe @vovikhangcdv or @vkarpov15 can help fix the status. |
It has to be manually reported to Github from the place where the security issue was created in the first place. So probably @vkarpov has to update it in huntr.dev |
@vkarpov15 Could you update above please ? |
It looks like this was already fixed, GHSA-f825-f98c-gj3g lists 5.13.15 as a patched version. |
Prerequisites
Issue
we have a vulnerability CVE-2022-2564 for version 5.x. The CVS score is 7.0.
Please let us know if you will be providing a patch for 5.x.
We noticed that this was already fixed in 6.x with patch
It would be great if you can downport to 5.x at the earliest.
The text was updated successfully, but these errors were encountered: