Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerability for ip 2.0 package in socks-proxy-agent #284

Closed
enfcyco opened this issue Feb 13, 2024 · 2 comments
Closed

Vulnerability for ip 2.0 package in socks-proxy-agent #284

enfcyco opened this issue Feb 13, 2024 · 2 comments

Comments

@enfcyco
Copy link

enfcyco commented Feb 13, 2024

Vulnerability for ip package in socks-proxy-agent. Can that removed and propagated up through the packages that use it?

This issue was changed to be a problem in IP 2.0 also.

GHSA-78xj-cgh5-2h22

Thanks
@invaderb
Copy link

This is due to the dependency on socks which has the dependency on the vulnerable ip package. in socks 2.7.3 they removed the ip dependency

https://github.com/JoshGlazebrook/socks/releases/tag/2.7.3

@TooTallNate
Copy link
Owner

This was already fixed in #281.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@enfcyco @TooTallNate @invaderb