-
Notifications
You must be signed in to change notification settings - Fork 7.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE @xmldom/xmldom <0.8.3 #7958
Comments
👋 Thanks for opening your first issue here! 👋 If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can. |
It looks like Looking at the package-lock.json, it looks like the reason it is installed is because of FYI: it looks like the CVE-2022-37616 hasn't been updated to include the |
Description
@xmldom/xmldom
has reported a CVE which results in a (successfully) failing audit pipeline in our GitLabReduced test case
GHSA-9pgh-qqpf-7wqj
Steps to reproduce
video.js
and/or@videojs/http-streaming
pnpm audit
Errors
No response
What version of Video.js are you using?
7.20.3
Video.js plugins used.
@videojs/http-streaming
What browser(s) including version(s) does this occur with?
🤷
What OS(es) and version(s) does this occur with?
MacOS
The text was updated successfully, but these errors were encountered: