Skip to content
This repository has been archived by the owner on Aug 4, 2021. It is now read-only.

Update micromatch dependency to fix Denial of Service security vulnerability #35

Closed
maxmilton opened this issue May 19, 2018 · 1 comment
Closed

Update micromatch dependency to fix Denial of Service security vulnerability #35

maxmilton opened this issue May 19, 2018 · 1 comment

Comments

@maxmilton
Copy link

The current micromatch version 2.3.11 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks. Please update the dependency to version ^3.

More info: https://snyk.io/test/npm/micromatch/2.3.11?severity=high&severity=medium&severity=low
@wtgtybhertgeghgtwtg wtgtybhertgeghgtwtg mentioned this issue Jun 26, 2018
Merged
@stof
Copy link

stof commented Jan 30, 2019

should be reopened, because #43 reverted #36

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@stof @maxmilton