Skip to content

Commit 4a44512

Browse files
mergify[bot]hl662Copilot
authored
Security: fix high-severity CVE-2026-30951 (GHSA-6457-6jrx-69cr) in sequelize (backport #9080) [release/4.11.x] (#9083)
Co-authored-by: Nam Le <50554904+hl662@users.noreply.github.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
1 parent f3e1c1c commit 4a44512

2 files changed

Lines changed: 12 additions & 8 deletions

File tree

common/config/rush/pnpm-config.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,7 +19,9 @@
1919
"minimatch@>=9.0.0 <9.0.7": "^9.0.7", // https://github.com/advisories/GHSA-7r86-cg39-jmmj and https://github.com/advisories/GHSA-23c5-xmqv-rm74
2020
"glob@>=11.0.0 <11.1.0": "^11.1.0", // https://github.com/advisories/GHSA-5j98-mcp5-4vw2 cpx2>glob
2121
"axios": "^1.13.5", // https://github.com/advisories/GHSA-43fc-jf86-j433
22-
"serialize-javascript": "^7.0.3" // https://github.com/advisories/GHSA-5c6j-r48x-rmvq mocha>serialize-javascript (related to CVE-2020-7660)
22+
"serialize-javascript": "^7.0.3", // https://github.com/advisories/GHSA-5c6j-r48x-rmvq mocha>serialize-javascript (related to CVE-2020-7660)
23+
"sequelize": ">=6.37.8", // https://github.com/advisories/GHSA-6457-6jrx-69cr azurite>sequelize
24+
"underscore": ">=1.13.8" // https://github.com/advisories/GHSA-qpx9-hpmf-5gmw json-schema-faker>jsonpath>underscore
2325
},
2426
// A list of temporary advisories excluded from the High and Critical list.
2527
// Warning this should only be used as a temporary measure to avoid build failures

common/config/rush/pnpm-lock.yaml

Lines changed: 9 additions & 7 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)