Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ndjItNTd2ai05OXhj
Low severity vulnerability that affects eye.js
Test breaking
Impact
In v1.2.0, tests are broken: all tests are always succeeding. If tests are looking for security vulnerabilities, these were compromised.
Patches
Users should upgrade to v1.2.1
Workarounds
Users who don't use eye.js for looking for vulnerabilities are safe. Upgrading will just fix some bugs.
For more information
If you have any questions or comments about this advisory:
- Open an issue in EyeJS
- Email us at [email protected]
JSON: https://advisories.ecosyste.ms/api/v1/advisories/MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW1ndjItNTd2ai05OXhj
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Low
Classification: General
Published: over 4 years ago
Updated: over 1 year ago
Identifiers: GHSA-mgv2-57vj-99xc
References:
- https://github.com/arguiot/EyeJS/security/advisories/GHSA-mgv2-57vj-99xc
- https://github.com/advisories/GHSA-mgv2-57vj-99xc
Blast Radius: 0.0
Affected Packages
npm:eye.js
Dependent packages: 16Dependent repositories: 19
Downloads: 49 last month
Affected Version Ranges: = 1.2.0
Fixed in: 1.2.1
All affected versions: 1.2.0
All unaffected versions: 0.0.0, 0.0.1, 0.0.2, 0.0.3, 0.0.4, 0.1.0, 0.2.0, 1.0.0, 1.0.1, 1.0.2, 1.1.0, 1.1.1, 1.1.2, 1.2.1