Guus De Graeve

icon indicating a website link https://www.hauws.com

icon company @HAUWS icon location Ghent, Belgium

Results 3 issues of Guus De Graeve

Upgrade axios version to fix CVE-2023-26159

1 comment

The `axios` version used is vulnerable to Improper Input Validation through sub-dependency `follow-redirects`. This PR upgrades the `axios` version in order to mitigate this vulnerability. More info: [https://nvd.nist.gov/vuln/detail/CVE-2023-26159](https://nvd.nist.gov/vuln/detail/CVE-2023-26159)

chore: upgrade follow-redirects package in order to fix security vulnerability

2 comment

Versions of the follow-redirects package prior to version 1.15.4 are vulnerable to improper input validation. This PR upgrades the dependency, without changing the lockfile version. See [CVE-2023-26159](https://nvd.nist.gov/vuln/detail/CVE-2023-26159) This should fix...

if getMetadataForRegion returns NULL, continue

getMetadataForRegion can return NULL for invalid region codes, in that case just continue looping region codes