node-rest-client icon indicating copy to clipboard operation
node-rest-client copied to clipboard

Published 20 hours ago verified publisher icon aacerox

NPM Vulnerability

Open RecaMedia opened this issue 7 years ago • 2 comments

Hi just wanted to mention this is what my NPM audit provided and wanted to pass along the information.

  Low             Regular Expression Denial of Service
  Package         debug
  Patched in      >= 2.6.9 < 3.0.0 || >= 3.1.0
  Dependency of   paypal-permissions-sdk
  Path            paypal-permissions-sdk > node-rest-client > debug
  More info       https://nodesecurity.io/advisories/534

Please update when possible. Thanks!

RecaMedia avatar Jul 13 '18 21:07 RecaMedia

See https://github.com/aacerox/node-rest-client/pull/164... looks unlikely this will be resolved.

jkaeser avatar Nov 26 '18 21:11 jkaeser

Is there an alternate package which doesn't have the vunerability?

coderextreme avatar Mar 26 '19 10:03 coderextreme