client-native icon indicating copy to clipboard operation
client-native copied to clipboard
verified publisher icon haproxytech

Updates dependencies to address CVEs

Open AdamJCrawford opened this issue 4 months ago • 0 comments

JFrog's Xray is still making the latest version of this package (6.2.4) as vulnerable to the following CVEs. I'm not sure where these deps are getting pulled from, but they should be updated.

CVE-2023-49568 CVE-2023-49569 CVE-2025-21613 CVE-2025-21614 CVE-2025-22868 CVE-2025-22869

AdamJCrawford avatar Sep 19 '25 19:09 AdamJCrawford