Library Security Vulnerabilities (chirpstack-network-server-v3.16.1, Total: 1) 2023-05-08 CVE-2019-19919 (Severity: Critical)
Can anyone tell me whether the CVE-2019-19919 (Severity: Critical) is resolved in chirpstack and on which version?
If there is a security issue, could you please post the issue at the related GitHub repository?
However, I’m a bit confused by the potential security issue. CVE-2019-19919 is about a NPM (JS) package (handlebars). The ChirpStack Network Server does not use any NPM packages as it has no web-interface. It might be related to the ChirpStack Application Server?
A bit more context would be appreciated.