Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2024-45296: path-to-regexp update needed #2277

Closed
1 task
steuraa opened this issue Sep 11, 2024 · 2 comments
Closed
1 task

CVE-2024-45296: path-to-regexp update needed #2277

steuraa opened this issue Sep 11, 2024 · 2 comments
Labels
feature

Comments

@steuraa
Copy link

steuraa commented Sep 11, 2024

Scope

Improves an existing behavior

Compatibility

  • This is a breaking change

Feature description

Hello, currently we can't build our application anymore due to MSW having the path-to-regexp package as a dependency which is causing a CVE warning.
See https://nvd.nist.gov/vuln/detail/CVE-2024-45296.
Is there any change this could be quickly patched?
@paulo9mv paulo9mv mentioned this issue Sep 11, 2024
Closed
@paulo9mv
Copy link

pillarjs/path-to-regexp#323

@steuraa
Copy link
Author

steuraa commented Sep 11, 2024

Closing this as it's a duplicate of #2270

@steuraa steuraa closed this as completed Sep 11, 2024
@kettanaito kettanaito mentioned this issue Oct 5, 2024
Closed
@github-actions github-actions bot locked and limited conversation to collaborators Oct 28, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
feature
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@steuraa @paulo9mv