-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
arrayfire-js security issue #14
Comments
I don't get it. There is nothing to get donwloaded by ArrayFire.js itself. NPM downloads the module from the registry during the installation but it's part of the very standard Node.js module infrastructure. For the build process CMake.js downloads headers and lib files but it's been using https urls only, please refer to this file: https://github.com/cmake-js/cmake-js/blob/master/lib/es6/runtimePaths.js. |
@unbornchikken looks like the CVE is from 2016? but it only got published recently. I am not sure what is happening :-/ |
Looks like this is the original report: https://nodesecurity.io/advisories/192 |
this is funny :) |
arrayfire-js security issue :) |
@unbornchikken
Can you look into fixing this https://nvd.nist.gov/vuln/detail/CVE-2016-10598 ?
The text was updated successfully, but these errors were encountered: