Skip to content

Commit

Permalink
Fixed url-parse vulnerability. See https://github.com/unshiftio/url-p…
Browse files Browse the repository at this point in the history 
…arse/blob/master/SECURITY.md#history

> url-parse returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol.
  • Loading branch information
@alallier
alallier committed Aug 7, 2018
1 parent 58cc9ae commit 97accb7
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 10 deletions.
18 changes: 9 additions & 9 deletions package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
"opn": "^5.3.0",
"serve-static": "~1.13.2",
"supervisor": "~0.12.0",
"url-parse": "~1.1.9",
"url-parse": "~1.4.3",
"ws": "~5.2.0"
},
"devDependencies": {
Expand Down

0 comments on commit 97accb7

Please sign in to comment.