You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"overview": "The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the `o` formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue.","recommendation": "Upgrade to version 2.6.9 or greater if you are on the 2.6.x series or 3.1.0 or greater.","cvssVector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L","cvssScore": 3.7,"module": "debug","version": "2.2.0","vulnerableVersions": "<= 2.6.8 || >= 3.0.0 <= 3.0.1","patchedVersions": ">= 2.6.9 < 3.0.0 || >= 3.1.0","title": "Regular Expression Denial of Service","path": ["image-to-ascii@3.0.11","image-parser@1.2.5","gm-tools@1.0.8","gm@1.23.0","debug@2.2.0"],"advisory": "https://nodesecurity.io/advisories/534"
Could you please upgrade your dependencies?
Thank you!
Cheers,
Andrej
The text was updated successfully, but these errors were encountered:
On 4 Jan 2018, at 15:37, Ionică Bizău (Johnny B.) ***@***.***> wrote:
Closed #61.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub, or mute the thread.
Hello,
due to one of your dependency, is your plugin marked as insecure,
Here is full report log
Could you please upgrade your dependencies?
Thank you!
Cheers,
Andrej
The text was updated successfully, but these errors were encountered: