You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Here @looker/sdk uses request v^2.88.0 which when installed get to version 2.88.2.
As per vulnerability check - CVE-2023-28155 is introduced through v2.88.1 and greater.
A possible solution to vulnerability is to lower the version related to the request from ^2.88.0 to fixed 2.88.0 or depending on another package instead of request.
The text was updated successfully, but these errors were encountered:
There's vulnerability introduces is related to the https://www.npmjs.com/package/request is
https://www.cvedetails.com/cve/CVE-2023-28155/
request is not directly connected to @looker/filter-components but through @looker/filter-components -> @looker/sdk -> request
Here @looker/sdk uses request v^2.88.0 which when installed get to version 2.88.2.
As per vulnerability check - CVE-2023-28155 is introduced through v2.88.1 and greater.
A possible solution to vulnerability is to lower the version related to the request from ^2.88.0 to fixed 2.88.0 or depending on another package instead of request.
The text was updated successfully, but these errors were encountered: