Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug: DoS vulnerability in ws dependency #29953

Open
Dan-C-Reed opened this issue Jun 19, 2024 · 0 comments · May be fixed by #29960
Open

Bug: DoS vulnerability in ws dependency #29953

Dan-C-Reed opened this issue Jun 19, 2024 · 0 comments · May be fixed by #29960
Labels
Status: Unconfirmed A potential issue that we haven't yet confirmed as a bug

Comments

@Dan-C-Reed
Copy link

react-devtools-core has ws as a dependency and in release 8.17.1 ws have issued a fix to a DoS vulnerability (link). Would it be possible to upgrade to use this version of ws?

(Apologies if I have filed this in the incorrect place, but I was unclear on where these issues should be raised.)

React version: React DevTools 5.3.0

Steps To Reproduce

Link to code example:

Link

The current behavior

NA

The expected behavior

NA
@Dan-C-Reed Dan-C-Reed added the Status: Unconfirmed A potential issue that we haven't yet confirmed as a bug label Jun 19, 2024
@Rekl0w Rekl0w linked a pull request Jun 20, 2024 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Status: Unconfirmed A potential issue that we haven't yet confirmed as a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix #29953: Update ws npm dependency to version 8.17.1 Rekl0w/react
1 participant
@Dan-C-Reed