You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An issue discovered in debug 2.6.9.
A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue.
The fix for CVE-2017-20165 was patched in both 3.1.0 and 2.6.9, as listed in the link you provided. Thia module already includes the patch as it is using the patched 2.6.9 version (it was the only change in the 2.6.9 release even).
An issue discovered in debug 2.6.9.
A vulnerability classified as problematic has been found in debug-js debug up to 3.0.x. This affects the function useColors of the file src/node.js. The manipulation of the argument str leads to inefficient regular expression complexity. Upgrading to version 3.1.0 is able to address this issue.
See https://security.snyk.io/vuln/SNYK-JS-AXIOS-6032459](https://nvd.nist.gov/vuln/detail/CVE-2017-20165)
The issue was resolved on debug 3.1.0.
Please update debug package to 3.1.0 or newer.
The text was updated successfully, but these errors were encountered: