Actualizar version de Knex #376
Assignees
Comments
|
Hey team! Please add your planning poker estimate with Zenhub @hacheG @ManuelStardust |
This was
linked to
pull requests
Jan 17, 2024
Closed
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Descripción:
Luego de ejecurtar ´yarn npm audit --all´ se encuentra que knex debe ser actualizada ya que existen vulnerabilidades en la version actual de biotablero.
knex: 1.0.7
├─ Issue: Knex.js has a limited SQL injection vulnerability
├─ URL: GHSA-4jv9-3563-23j3
├─ Severity: high
├─ Vulnerable Versions: <2.4.0
├─ Patched Versions: >=2.4.0
├─ Via: knex
Resultado:
knex en la version >=2.4.0
Consideraciones:
Realizar multiples pruebas sobre todos los endpoints en todos los modulos
The text was updated successfully, but these errors were encountered: