Skip to content
This repository was archived by the owner on Jul 29, 2024. It is now read-only.
This repository was archived by the owner on Jul 29, 2024. It is now read-only.

Malicious package in protractor lib dependencies #4844

Description

@IgorSasovets

Security issue

  • Node Version: 8.4.0
  • Protractor Version: 5.3.2

Hi, Team! Recently I found vulnerable package in protractor dependencies when was analyzing small protractor project using Snyk tool. I've opened issue in webdriver-js-extender repository and now waiting for response. Issue related to usage of outdated selenium-webdriver package version. They've already fixed it and replaced adm-zip(vulnerable package previously used by selenium-webdriver). Please pay attention to this.

Best regards,
Igor
screen shot 2018-06-04 at 12 31 29 pm

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions