phpmailer vulnerabilities found in quform/composer.lock

Home Forums Quform PHP phpmailer vulnerabilities found in quform/composer.lock

This topic is: resolved
Viewing 5 posts - 1 through 5 (of 5 total)
  • Author
    Posts
  • #33189
    jeffaltman
    Participant

    Hi – Github tells me there is a quform security vulnerability as follows:
    3 phpmailer/phpmailer vulnerabilities found in quform/composer.lock

    I did not find anything in the forums. The suggested remediation is:

    Upgrade phpmailer/phpmailer to version 6.5.0 or later. For example:

    "require": {
      "phpmailer/phpmailer": "6.5.0"
    }

    What do you suggest?

    Thanks.

    #33190
    Ally
    Support Staff

    You don't have permission to view this content. Please log in or register and then verify your purchases to gain access.

    #33191
    jeffaltman
    Participant

    Hello – Thanks for responding. However, I do not have access to the CLI. When do you expect the next release and will I receive that release?

    Thank you,

    Jeff

    #33194
    Ally
    Support Staff

    You don't have permission to view this content. Please log in or register and then verify your purchases to gain access.

    #33195
    jeffaltman
    Participant

    Hi Ally – Thank you for the quick response and updated version. Per your instructions, I replaced composer.json and composer.lock and the entire vendor folder. Tested and appears to be working. Also, no dependabot notices.

    Warmest regards – Jeff

Viewing 5 posts - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.
Be inspired. © 2020 ThemeCatcher Ltd. 20-22 Wenlock Road, London, England, N1 7GU | Company No. 08120384 | Built with React | Privacy Policy