From af557780256c934f25535e3e71dd30557d5bb456 Mon Sep 17 00:00:00 2001 From: Philip Harrison Date: Mon, 18 Nov 2019 14:19:58 +0000 Subject: [PATCH] Amend npm vuln 505 for https-proxy-agent It looks like this vulnerability is now patched in version 2.2.3: https://github.com/TooTallNate/node-https-proxy-agent/releases/tag/2.2.3 Fixed in PR: https://github.com/TooTallNate/node-https-proxy-agent/pull/77 --- vuln/npm/505.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vuln/npm/505.json b/vuln/npm/505.json index b696aa9c..dcec8504 100644 --- a/vuln/npm/505.json +++ b/vuln/npm/505.json @@ -12,9 +12,9 @@ }, "module_name": "https-proxy-agent", "cves": [], - "vulnerable_versions": "<3.0.0", - "patched_versions": ">=3.0.0", - "recommendation": "Update https-proxy-agent module to version >=3.0.0", + "vulnerable_versions": "<2.2.3", + "patched_versions": ">=2.2.3", + "recommendation": "Update https-proxy-agent module to version >=2.2.3", "references": [ "https://hackerone.com/reports/541502" ],