Echo-Server
Echo-Server copied to clipboard
Ealenn
fix(deps): update dependency body-parser to v1.20.3 [security]
This PR contains the following updates:
| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| body-parser | 1.20.2 -> 1.20.3 |
GitHub Vulnerability Alerts
CVE-2024-45590
Impact
body-parser <1.20.3 is vulnerable to denial of service when url encoding is enabled. A malicious actor using a specially crafted payload could flood the server with a large number of requests, resulting in denial of service.
Patches
this issue is patched in 1.20.3
References
Release Notes
expressjs/body-parser (body-parser)
v1.20.3
===================
- deps: [email protected]
- add
depthoption to customize the depth level in the parser - IMPORTANT: The default
depthlevel for parsing URL-encoded data is now32(previously wasInfinity)
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 95.60%. Comparing base (
2b73548) to head (7744489).
Additional details and impacted files
@@ Coverage Diff @@
## master #172 +/- ##
=======================================
Coverage 95.60% 95.60%
=======================================
Files 11 11
Lines 91 91
=======================================
Hits 87 87
Misses 4 4
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
