osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: [apache/fineract-cn-group-finance] One of your dependencies may have a security vulnerability


Hello Pembe Miriam,

Here's a helpful message about our newest repository forwarded to us by the
Apache Security Team.  Please keep us updated on how you handle this
information.

Best Regards,
Myrle

---------- Forwarded message ---------
From: Apache Security Team <security@xxxxxxxxxx>
Date: Sun, Jul 1, 2018 at 9:59 AM
Subject: Fwd: [apache/fineract-cn-group-finance] One of your dependencies
may have a security vulnerability
To: <private@xxxxxxxxxxxxxxxxxxx>
Cc: Apache Security Team <security@xxxxxxxxxx>


FYI

---------- Forwarded message ----------
From: GitHub <notifications@xxxxxxxxxx>
Date: Thu, Jun 28, 2018 at 8:00 AM
Subject: [apache/fineract-cn-group-finance] One of your dependencies may
have a security vulnerability
To: apache/fineract-cn-group-finance <
fineract-cn-group-finance@xxxxxxxxxxxxxxxxxx>
Cc: Security alert <security_alert@xxxxxxxxxxxxxxxxxx>


We found a potential security vulnerabilty in one of your dependencies
[image: GitHub] <https://github.com> Sign in <https://github.com/login>
*asfsecurity,*

We found a potential security vulnerability in a repository for which you
have been granted security alert access.
[image: @apache] apache/fineract-cn-group-finance
<https://github.com/apache/fineract-cn-group-finance>
Known * moderate severity* security vulnerability detected in hoek < 4.2.1
defined in package-lock.json
<https://github.com/apache/fineract-cn-group-finance/blob/master/package-lock.json>.

package-lock.json
<https://github.com/apache/fineract-cn-group-finance/blob/master/package-lock.json>
update suggested: hoek ~> 4.2.1.
Always verify the validity and compatibility of suggestions with your
codebase.
Review vulnerable dependency
<https://github.com/apache/fineract-cn-group-finance/network/dependencies>
------------------------------

Only users who have been assigned access to security alerts will receive
these notifications.
Unsubscribe
<https://github.com/notifications/unsubscribe-vulnerability/AiUHByVm6ukPyfG2WNp8NAbrOwEcHd5hks5uBH7vgaJpZM4U62UP>
· Email preferences <https://github.com/settings/emails> · Terms
<https://help.github.com/articles/github-terms-of-service/> · Privacy
<https://help.github.com/articles/github-privacy-policy/> · Sign into GitHub
<https://github.com/login>

GitHub, Inc.
88 Colin P Kelly Jr St.
San Francisco, CA 94107
<https://maps.google.com/?q=88+Colin+P+Kelly+Jr+St.%0D%0A+++++++++++++++++++++++++++++San+Francisco,+CA+94107&entry=gmail&source=g>