You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There is a vulnerability ticket opened internally on pytorch/kineto, related to Tensorboard. Could someone please help take a look? @guotuofeng, @guyang3532 - are you guys the maintainers for tb_plugin? I couldn't find you internal.
GitHub has detected that a package defined in the tb_plugin/fe/yarn.lock file of the pytorch/kineto repository contains a security vulnerability.
There is a vulnerability ticket opened internally on pytorch/kineto, related to Tensorboard. Could someone please help take a look? @guotuofeng, @guyang3532 - are you guys the maintainers for tb_plugin? I couldn't find you internal.
GitHub has detected that a package defined in the tb_plugin/fe/yarn.lock file of the pytorch/kineto repository contains a security vulnerability.
Package name: nanoid
Affected versions: < 3.1.31
Fixed in version: 3.1.31
Severity: MODERATE
Identifier(s):
GHSA-qrpm-p2h7-hrv2
CVE-2021-23566
Reference(s):
https://nvd.nist.gov/vuln/detail/CVE-2021-23566
ai/nanoid#328
https://github.com/…/2b7bd9332bc49b6330c7ddb08e5c661833db25…
https://gist.github.com/ar…/bc6d1eb9a3477d15d2772e876169a444
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-2332550
https://snyk.io/vuln/SNYK-JS-NANOID-2332193
GHSA-qrpm-p2h7-hrv2
This task should automatically close when the alert is cleared on GitHub.
The text was updated successfully, but these errors were encountered: