Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The only remaining vulnerability is request/tough-cookies, but this application is unaffected by it due to the fact that request does not use the vulnerable tough-cookie rejectPublicSuffixes=false mode. See: - https://github.com/request/request/blob/8162961dfdb73dc35a5a4bfeefb858c2ed2ccbb7/lib/cookies.js#L21 - https://nvd.nist.gov/vuln/detail/CVE-2023-26136 'request' will be replaced by a maintained alternative (node-fetch) in the next major release.
- Loading branch information