Replace cuid with cuid2 to fix CVE-2019-25010 & CVE-2020-25575 vulnerabilities
#156
Assignees
Labels
internal
Internal issues and tasks. No direct impact on end-user.
security:prevention
Security vulnerability prevention fix.
Milestone
Comments
ivangabriele
added
internal
ivangabriele
changed the title
cuid in Core with cuid2 to fix CVE-2019-25010 & CVE-2020-25575cuid in Core with cuid2 to fix CVE-2019-25010 & CVE-2020-25575 vulnerabilities
ivangabriele
changed the title
cuid in Core with cuid2 to fix CVE-2019-25010 & CVE-2020-25575 vulnerabilitiescuid with cuid2 to fix CVE-2019-25010 & CVE-2020-25575 vulnerabilities
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
cuidcrate depends onbase36which itself depends onfailure. There is apparently no directly threat since it seems to require overriding a private function. But the goal is to keep a 0 vulnerability track, as far as possible.The text was updated successfully, but these errors were encountered: