Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Help - Can you confirm which releases contain the fix for addressing the find-my-way vulnerability CVE-2024-45813? #1062

Closed
cjin62 opened this issue Oct 2, 2024 · 3 comments
Closed

Help - Can you confirm which releases contain the fix for addressing the find-my-way vulnerability CVE-2024-45813? #1062

cjin62 opened this issue Oct 2, 2024 · 3 comments
Labels
help wanted Extra attention is needed question Further information is requested

Comments

@cjin62
Copy link

cjin62 commented Oct 2, 2024

💬 Question here

a clear and concise description of your question

Can you confirm which releases contain the fix for addressing the find-my-way vulnerability CVE-2024-45813?

// example codes if any

If possible add a link to sample codes for error reproduction (github or replit)

Your Environment

  • node version: 10, 12, 13
  • fastify version: >=2.0.0
  • os: Mac, Windows, Linux
  • any other relevant information
@cjin62 cjin62 added the help wanted Extra attention is needed label Oct 2, 2024
@dosubot dosubot bot added the question Further information is requested label Oct 2, 2024
@Uzlopak
Copy link

Uzlopak commented Oct 2, 2024

First of all, find-my-way is not a fastify specific library.

Second of all, patched versions can be seen in the link of the CVE you posted yourself.
image

@Eomm
Copy link
Member

Eomm commented Oct 3, 2024

It is up to your project and setup.

Assuming you have a package-lock.json, run these commands:

npm ls find-my-way
npm update find-my-way --save

@Eomm Eomm closed this as not planned Won't fix, can't repro, duplicate, stale Oct 3, 2024
@cjin62
Copy link
Author

cjin62 commented Oct 3, 2024

I see - let me get your feedback to my development team - thank you @Eomm

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted Extra attention is needed question Further information is requested
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@Uzlopak @Eomm @cjin62